Fix undersized buffer use by eximon. Bug 1527

The long spoolfile line now used for certificate info was too big,
resulting in an apparent syntax error in the file.
Apart from using a decent size, do autogrow in case of immense
certificates.

diff --git a/src/Makefile b/src/Makefile
index 99f4ab308eeffee7de11b610881f42dc6e1ccde5..96c0d58ee0ed4d28614930cafb8ecbc8f72e719a 100644 (file)
--- a/src/Makefile
+++ b/src/Makefile
@@ -90,7 +90,7 @@ distclean:; $(RM_COMMAND) -rf build-* cscope*
 cscope.files: FRC
        echo "-q" > $@
        echo "-p3" >> $@
 cscope.files: FRC
        echo "-q" > $@
        echo "-p3" >> $@

-       find src Local OS -name "*.[cshyl]" -print \
+       find src Local OS exim_monitor -name "*.[cshyl]" -print \

                    -o -name "os.h*" -print \
                    -o -name "*akefile*" -print \
                    -o -name EDITME -print >> $@
                    -o -name "os.h*" -print \
                    -o -name "*akefile*" -print \
                    -o -name EDITME -print >> $@

diff --git a/src/exim_monitor/em_globals.c b/src/exim_monitor/em_globals.c
index 671bd7f030167a81bd00b42255d5958b85b1a278..918659d9867c65ceb9cf9a55fc8513d2e852bbb6 100644 (file)
--- a/src/exim_monitor/em_globals.c
+++ b/src/exim_monitor/em_globals.c
@@ -220,6 +220,10 @@ tls_support tls_in = {
  -1,   /* tls_active */
  0,    /* bits */
  FALSE,        /* tls_certificate_verified */
  -1,   /* tls_active */
  0,    /* bits */
  FALSE,        /* tls_certificate_verified */

+#ifdef EXPERIMENTAL_DANE
+ FALSE, /* dane_verified */
+ 0,     /* tlsa_usage */
+#endif

  NULL, /* tls_cipher */
  FALSE,        /* tls_on_connect */
  NULL, /* tls_on_connect_ports */
  NULL, /* tls_cipher */
  FALSE,        /* tls_on_connect */
  NULL, /* tls_on_connect_ports */

diff --git a/src/exim_monitor/em_main.c b/src/exim_monitor/em_main.c
index d210a07179dfd07ca38c5c33591d367337421037..e8e763184360fde3de3144e809ede76d19378bad 100644 (file)
--- a/src/exim_monitor/em_main.c
+++ b/src/exim_monitor/em_main.c
@@ -613,7 +613,6 @@ message_subdir[1] = 0;
 constructing file names and things. This call will initialize
 the store_get() function. */
 
 constructing file names and things. This call will initialize
 the store_get() function. */
 

-big_buffer_size = 1024;

 big_buffer = store_get(big_buffer_size);
 
 /* Set up the version string and date and output them */
 big_buffer = store_get(big_buffer_size);
 
 /* Set up the version string and date and output them */

diff --git a/src/src/spool_in.c b/src/src/spool_in.c
index bbb4da6aaa117840f720166e04fbcacb2361cf9a..77d1321ec705e16e198b1ef8b417ba9abd4987f6 100644 (file)
--- a/src/src/spool_in.c
+++ b/src/src/spool_in.c
@@ -360,6 +360,7 @@ originator_login = string_copy(big_buffer);
 originator_uid = (uid_t)uid;
 originator_gid = (gid_t)gid;
 
 originator_uid = (uid_t)uid;
 originator_gid = (gid_t)gid;
 

+/* envelope from */

 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
 n = Ustrlen(big_buffer);
 if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
 n = Ustrlen(big_buffer);
 if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')


@@ -369,6 +370,7 @@ sender_address = store_get(n-2);
 Ustrncpy(sender_address, big_buffer+1, n-3);
 sender_address[n-3] = 0;
 
 Ustrncpy(sender_address, big_buffer+1, n-3);
 sender_address[n-3] = 0;
 

+/* time */

 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
 if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
   goto SPOOL_FORMAT_ERROR;
 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
 if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
   goto SPOOL_FORMAT_ERROR;


@@ -397,9 +399,22 @@ version that left new-style flags written on the spool. */
 p = big_buffer + 2;
 for (;;)
   {
 p = big_buffer + 2;
 for (;;)
   {

+  int len;

   if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
   if (big_buffer[0] != '-') break;
   if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
   if (big_buffer[0] != '-') break;

-  big_buffer[Ustrlen(big_buffer) - 1] = 0;
+  while (  (len = Ustrlen(big_buffer)) == big_buffer_size-1
+       && big_buffer[len-1] != '\n'
+       )
+    {  /* buffer not big enough for line; certs make this possible */
+    uschar * buf;
+    if (big_buffer_size >= BIG_BUFFER_SIZE*4) goto SPOOL_READ_ERROR;
+    buf = store_get_perm(big_buffer_size *= 2);
+    memcpy(buf, big_buffer, --len);
+    big_buffer = buf;
+    if (Ufgets(big_buffer+len, big_buffer_size-len, f) == NULL)
+      goto SPOOL_READ_ERROR;
+    }
+  big_buffer[len-1] = 0;

 
   switch(big_buffer[1])
     {
 
   switch(big_buffer[1])
     {


@@ -469,16 +484,16 @@ for (;;)
       body_linecount = Uatoi(big_buffer + 15);
     else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
       body_zerocount = Uatoi(big_buffer + 15);
       body_linecount = Uatoi(big_buffer + 15);
     else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
       body_zerocount = Uatoi(big_buffer + 15);

-    #ifdef EXPERIMENTAL_BRIGHTMAIL
+#ifdef EXPERIMENTAL_BRIGHTMAIL

     else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
       bmi_verdicts = string_copy(big_buffer + 14);
     else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
       bmi_verdicts = string_copy(big_buffer + 14);

-    #endif
+#endif

     break;
 
     case 'd':
     if (Ustrcmp(p, "eliver_firsttime") == 0)
       deliver_firsttime = TRUE;
     break;
 
     case 'd':
     if (Ustrcmp(p, "eliver_firsttime") == 0)
       deliver_firsttime = TRUE;

-    #ifdef EXPERIMENTAL_DSN
+#ifdef EXPERIMENTAL_DSN

     /* Check if the dsn flags have been set in the header file */
     else if (Ustrncmp(p, "sn_ret", 6) == 0)
       {
     /* Check if the dsn flags have been set in the header file */
     else if (Ustrncmp(p, "sn_ret", 6) == 0)
       {


@@ -488,7 +503,7 @@ for (;;)
       {
       dsn_envid = string_copy(big_buffer + 11);
       }
       {
       dsn_envid = string_copy(big_buffer + 11);
       }

-    #endif
+#endif

     break;
 
     case 'f':
     break;
 
     case 'f':


@@ -558,24 +573,24 @@ for (;;)
     case 's':
     if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
       sender_set_untrusted = TRUE;
     case 's':
     if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
       sender_set_untrusted = TRUE;

-    #ifdef WITH_CONTENT_SCAN
+#ifdef WITH_CONTENT_SCAN

     else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
       spam_score_int = string_copy(big_buffer + 16);
     else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
       spam_score_int = string_copy(big_buffer + 16);

-    #endif
+#endif

     break;
 
     break;
 

-    #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS

     case 't':
     if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
       tls_in.certificate_verified = TRUE;
     else if (Ustrncmp(p, "ls_cipher", 9) == 0)
       tls_in.cipher = string_copy(big_buffer + 12);
     case 't':
     if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
       tls_in.certificate_verified = TRUE;
     else if (Ustrncmp(p, "ls_cipher", 9) == 0)
       tls_in.cipher = string_copy(big_buffer + 12);

-#ifndef COMPILE_UTILITY
+# ifndef COMPILE_UTILITY       /* tls support fns not built in */

     else if (Ustrncmp(p, "ls_ourcert", 10) == 0)
       (void) tls_import_cert(big_buffer + 13, &tls_in.ourcert);
     else if (Ustrncmp(p, "ls_peercert", 11) == 0)
       (void) tls_import_cert(big_buffer + 14, &tls_in.peercert);
     else if (Ustrncmp(p, "ls_ourcert", 10) == 0)
       (void) tls_import_cert(big_buffer + 13, &tls_in.ourcert);
     else if (Ustrncmp(p, "ls_peercert", 11) == 0)
       (void) tls_import_cert(big_buffer + 14, &tls_in.peercert);

-#endif
+# endif

     else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
       tls_in.peerdn = string_unprinting(string_copy(big_buffer + 12));
     else if (Ustrncmp(p, "ls_sni", 6) == 0)
     else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
       tls_in.peerdn = string_unprinting(string_copy(big_buffer + 12));
     else if (Ustrncmp(p, "ls_sni", 6) == 0)


@@ -583,7 +598,7 @@ for (;;)
     else if (Ustrncmp(p, "ls_ocsp", 7) == 0)
       tls_in.ocsp = big_buffer[10] - '0';
     break;
     else if (Ustrncmp(p, "ls_ocsp", 7) == 0)
       tls_in.ocsp = big_buffer[10] - '0';
     break;

-    #endif
+#endif

 
     default:    /* Present because some compilers complain if all */
     break;      /* possibilities are not covered. */
 
     default:    /* Present because some compilers complain if all */
     break;      /* possibilities are not covered. */


@@ -634,10 +649,10 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++)
   {
   int nn;
   int pno = -1;
   {
   int nn;
   int pno = -1;

-  #ifdef EXPERIMENTAL_DSN
+#ifdef EXPERIMENTAL_DSN

   int dsn_flags = 0;
   uschar *orcpt = NULL;
   int dsn_flags = 0;
   uschar *orcpt = NULL;

-  #endif
+#endif

   uschar *errors_to = NULL;
   uschar *p;
 
   uschar *errors_to = NULL;
   uschar *p;
 


@@ -714,11 +729,9 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++)
     {
     int flags;
 
     {
     int flags;
 

-    #ifdef EXPERIMENTAL_DSN
-    #ifndef COMPILE_UTILITY
-      DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
-    #endif  /* COMPILE_UTILITY */
-    #endif
+#if defined(EXPERIMENTAL_DSN) && !defined (COMPILE_UTILITY)
+    DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
+#endif

 
     (void)sscanf(CS p+1, "%d", &flags);
 
 
     (void)sscanf(CS p+1, "%d", &flags);
 


@@ -753,12 +766,9 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++)
     *(--p) = 0;   /* Terminate address */
 #endif  /* EXPERIMENTAL_DSN */
     }
     *(--p) = 0;   /* Terminate address */
 #endif  /* EXPERIMENTAL_DSN */
     }

-#ifdef EXPERIMENTAL_DSN
-  #ifndef COMPILE_UTILITY
+#if defined(EXPERIMENTAL_DSN) && !defined(COMPILE_UTILITY)

   else
   else

-    {
-       DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n");
-    }
+    { DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n"); }

 
   if ((orcpt != NULL) || (dsn_flags != 0))
     {
 
   if ((orcpt != NULL) || (dsn_flags != 0))
     {


@@ -770,16 +780,15 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++)
     DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
       big_buffer, errors_to);
     }
     DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
       big_buffer, errors_to);
     }

-  #endif  /* COMPILE_UTILITY */

 #endif  /* EXPERIMENTAL_DSN */
 
   recipients_list[recipients_count].address = string_copy(big_buffer);
   recipients_list[recipients_count].pno = pno;
   recipients_list[recipients_count].errors_to = errors_to;
 #endif  /* EXPERIMENTAL_DSN */
 
   recipients_list[recipients_count].address = string_copy(big_buffer);
   recipients_list[recipients_count].pno = pno;
   recipients_list[recipients_count].errors_to = errors_to;

-  #ifdef EXPERIMENTAL_DSN
+#ifdef EXPERIMENTAL_DSN

   recipients_list[recipients_count].orcpt = orcpt;
   recipients_list[recipients_count].dsn_flags = dsn_flags;
   recipients_list[recipients_count].orcpt = orcpt;
   recipients_list[recipients_count].dsn_flags = dsn_flags;

-  #endif
+#endif

   }
 
 /* The remainder of the spool header file contains the headers for the message,
   }
 
 /* The remainder of the spool header file contains the headers for the message,


@@ -862,9 +871,9 @@ if (errno != 0)
   {
   n = errno;
 
   {
   n = errno;
 

-  #ifndef COMPILE_UTILITY
+#ifndef COMPILE_UTILITY

   DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
   DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);

-  #endif  /* COMPILE_UTILITY */
+#endif  /* COMPILE_UTILITY */

 
   fclose(f);
   errno = n;
 
   fclose(f);
   errno = n;