From 8a8491c0f85e656d5f09490d3373fa087fdd4070 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 20 Oct 2018 21:03:30 +0100 Subject: [PATCH] Fix bad use of library, copying string over itself (cherry picked from commit e30f4f43de211b14bd405a3d0e1579b9bd814908) --- doc/doc-txt/ChangeLog | 4 ++++ src/src/deliver.c | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 40cb14f84..77e56c16d 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -63,6 +63,10 @@ JH/27 Fix logging of proxy address. Previously, a pointless "PRX=[]:0" would be included in delivery lines for non-proxied connections, when compiled with SUPPORT_SOCKS and running with proxy logging enabled. +JH/31 Fix a bad use of a copy function, which could be used to pointlessly + copy a string over itself. The library routine is documented as not + supporting overlapping copies, and on MacOS it actually raised a SIGABRT. + Exim version 4.91 ----------------- diff --git a/src/src/deliver.c b/src/src/deliver.c index 34f36cd33..59256ac2c 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -5555,7 +5555,8 @@ message size. This use of strcpy() is OK because the length id is checked when it is obtained from a command line (the -M or -q options), and otherwise it is known to be a valid message id. */ -Ustrcpy(message_id, id); +if (id != message_id) + Ustrcpy(message_id, id); deliver_force = forced; return_count = 0; message_size = 0; -- 2.30.2