SECURITY: Leave a clean smtp_out input buffer even in case of read error

Based on Heiko Schlittermann's commit 54895bc3. This fixes:

7/ In src/smtp_out.c, read_response_line(), inblock->ptr is not updated
when -1 is returned. This does not seem to have bad consequences, but is
maybe not the intended behavior.

(cherry picked from commit 30f5d98786fb4e6ccfdd112fe65c153f0ee34c5f)

diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c
index d6dfba52e02840197012b9cf683a2052a78d912f..d1f69024e172cf75e6c899fdad166d04e3c59798 100644 (file)
--- a/src/src/smtp_out.c
+++ b/src/src/smtp_out.c
@@ -425,7 +425,7 @@ if (ob->socks_proxy)
   {
   int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
                                sc->tblock, ob->connect_timeout);
-
+  
   if (sock >= 0)
     {
     if (early_data && early_data->data && early_data->len)
@@ -710,6 +710,7 @@ for (;;)
 /* Get here if there has been some kind of recv() error; errno is set, but we
 ensure that the result buffer is empty before returning. */
 
+inblock->ptr = inblock->ptrend = inblock->buffer;
 *buffer = 0;
 return -1;
 }