CHUNKING: flush input stream after message-fatal error detection. Bug 2201

Cherry-picked from: d21bf202db

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2da95deb30c5f4565d948015fdce965f657b31c4..d62ac46d92e05f06b39b33d8c78c0e0ec00efbf6 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -66,6 +66,11 @@ HS/03 Bug 2201: Fix checking for leading-dot on a line during headers reading
       from SMTP input.  Previously it was always done; now only done for DATA
       and not BDAT commands.  CVE-2017-16944.
 
+JH/35 Bug 2201: Flush received data in BDAT mode after detecting an error fatal
+      to the message (such as an overlong header line).  Previously this was
+      not done and we did not exit BDAT mode.  Followon from the previous item
+      though a different problem.
+
 
 Exim version 4.89
 -----------------

diff --git a/src/src/receive.c b/src/src/receive.c
index 2812ea2c87743f5db2171cbf86e00c6c24d08a9e..ad9b6a2351c5ee05c4187da78690dd2bb78e461a 100644 (file)
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1020,7 +1020,6 @@ for(;;)
 
 
 
-
 /*************************************************
 *             Swallow SMTP message               *
 *************************************************/
@@ -1037,9 +1036,10 @@ Returns:     nothing
 void
 receive_swallow_smtp(void)
 {
-/*XXX CHUNKING: not enough.  read chunks until RSET? */
 if (message_ended >= END_NOTENDED)
-  message_ended = read_message_data_smtp(NULL);
+  message_ended = chunking_state <= CHUNKING_OFFERED
+     ? read_message_data_smtp(NULL)
+     : read_message_bdat_smtp(NULL);
 }