ARC: limit verify chain to 50-deep

author Jeremy Harris <jgh146exb@wizmail.org>

Tue, 24 Apr 2018 12:07:53 +0000 (13:07 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Tue, 24 Apr 2018 12:07:53 +0000 (13:07 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Tue, 24 Apr 2018 12:07:53 +0000 (13:07 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Tue, 24 Apr 2018 12:07:53 +0000 (13:07 +0100)
diff --git a/src/src/arc.c b/src/src/arc.c

index ddf73959c31eb69fec0326fd3da3b2cb06a1be65..53d06de67cb6c62ef58bd77d26bd12e251699dba 100644 (file)
--- a/src/src/arc.c
+++ b/src/src/arc.c
@@ -382,7 +382,7 @@ static uschar *
  arc_insert_hdr(arc_ctx * ctx, header_line * h, unsigned off, unsigned hoff,
    BOOL instance_only)
  {
  arc_insert_hdr(arc_ctx * ctx, header_line * h, unsigned off, unsigned hoff,
    BOOL instance_only)
  {
-int i;
+unsigned i;
  arc_set * as;
  arc_line * al = store_get(sizeof(arc_line)), ** alp;
  uschar * e;
  arc_set * as;
  arc_line * al = store_get(sizeof(arc_line)), ** alp;
  uschar * e;
@@ -395,6 +395,7 @@ if ((e = arc_parse_line(al, h, off, instance_only)))
    return US"line parse";
    }
  if (!(i = arc_instance_from_hdr(al)))  return US"instance find";
    return US"line parse";
    }
  if (!(i = arc_instance_from_hdr(al)))  return US"instance find";
+if (i > 50)                            return US"overlarge instance number";
  if (!(as = arc_find_set(ctx, i)))      return US"set find";
  if (*(alp = (arc_line **)(US as + hoff))) return US"dup hdr";
  
  if (!(as = arc_find_set(ctx, i)))      return US"set find";
  if (*(alp = (arc_line **)(US as + hoff))) return US"dup hdr";
author	Jeremy Harris <jgh146exb@wizmail.org>
	Tue, 24 Apr 2018 12:07:53 +0000 (13:07 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Tue, 24 Apr 2018 12:07:53 +0000 (13:07 +0100)