From fc6d65867e82009a6e0671771728d41d3423a790 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Wed, 13 Dec 2017 12:50:40 +0000
Subject: [PATCH] CHUNKING: flush input stream after message-fatal error
 detection.  Bug 2201

Cherry-picked from: d21bf202db
---
 doc/doc-txt/ChangeLog | 5 +++++
 src/src/receive.c     | 6 +++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2da95deb3..d62ac46d9 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -66,6 +66,11 @@ HS/03 Bug 2201: Fix checking for leading-dot on a line during headers reading
       from SMTP input.  Previously it was always done; now only done for DATA
       and not BDAT commands.  CVE-2017-16944.
 
+JH/35 Bug 2201: Flush received data in BDAT mode after detecting an error fatal
+      to the message (such as an overlong header line).  Previously this was
+      not done and we did not exit BDAT mode.  Followon from the previous item
+      though a different problem.
+
 
 Exim version 4.89
 -----------------
diff --git a/src/src/receive.c b/src/src/receive.c
index 2812ea2c8..ad9b6a235 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1020,7 +1020,6 @@ for(;;)
 
 
 
-
 /*************************************************
 *             Swallow SMTP message               *
 *************************************************/
@@ -1037,9 +1036,10 @@ Returns:     nothing
 void
 receive_swallow_smtp(void)
 {
-/*XXX CHUNKING: not enough.  read chunks until RSET? */
 if (message_ended >= END_NOTENDED)
-  message_ended = read_message_data_smtp(NULL);
+  message_ended = chunking_state <= CHUNKING_OFFERED
+     ? read_message_data_smtp(NULL)
+     : read_message_bdat_smtp(NULL);
 }
 
 
-- 
2.30.2