From c06ddd664f4a0f6e485f6f9f6b5086aa4719a441 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 26 Mar 2020 16:05:19 +0000 Subject: [PATCH 1/1] Fix argument checking for ${readsocket } --- doc/doc-txt/ChangeLog | 3 +++ src/src/expand.c | 5 +++-- test/scripts/0000-Basic/0373 | 4 ++++ test/stdout/0373 | 2 ++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index be07ba625..7e5de8880 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -156,6 +156,9 @@ JH/33 Fix the dsearch lookup to return an untainted result. Previously the taint of the lookup key was maintained; we now regard the presence in the filesystem as sufficient validation. +JH/34 Fix the readsocket expansion to not segfault when an empty "options" + argument is supplied. + Exim version 4.93 ----------------- diff --git a/src/src/expand.c b/src/src/expand.c index fddad3179..f937ac337 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -5335,8 +5335,9 @@ while (*s != 0) uschar * item; int sep = 0; - item = string_nextinlist(&list, &sep, NULL, 0); - if ((timeout = readconf_readtime(item, 0, FALSE)) < 0) + if ( !(item = string_nextinlist(&list, &sep, NULL, 0)) + || !*item + || (timeout = readconf_readtime(item, 0, FALSE)) < 0) { expand_string_message = string_sprintf("bad time value %s", item); goto EXPAND_FAILED; diff --git a/test/scripts/0000-Basic/0373 b/test/scripts/0000-Basic/0373 index 02cdc31fc..0f63cee9b 100644 --- a/test/scripts/0000-Basic/0373 +++ b/test/scripts/0000-Basic/0373 @@ -102,3 +102,7 @@ exim -be 10 >>${readsocket{inet:badloop:PORT_S}{QUERY-10\n}}<< 11 >>${readsocket{inet:thisloop:PORT_S}{QUERY-11\n}{2s:shutdown=no}}<< **** +# +exim -be +crash-regression-check >>${readsocket{inet:127.0.0.1:PORT_N}{}{}}<< +**** diff --git a/test/stdout/0373 b/test/stdout/0373 index b6f6f1905..a4acc6591 100644 --- a/test/stdout/0373 +++ b/test/stdout/0373 @@ -28,6 +28,8 @@ > 11 >>ANSWER-11 << > +> Failed: bad time value NULL +> ******** SERVER ******** Listening on TESTSUITE/test-socket ... -- 2.30.2