From e0fccd1ddccf02568e9f8e6af38e62513f306fe5 Mon Sep 17 00:00:00 2001 From: Tony Finch Date: Fri, 7 Dec 2012 11:52:09 +0000 Subject: [PATCH 1/1] A safer version of the check for gecos expansion. --- src/src/receive.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/src/receive.c b/src/src/receive.c index eef0531a8..efd0766e7 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -2039,8 +2039,8 @@ for (h = header_list->next; h != NULL; h = h->next) uschar *s = Ustrchr(h->text, ':') + 1; while (isspace(*s)) s++; len = h->slen - (s - h->text) - 1; - if (strncmpic(s, originator_login, len) == 0 - && Ustrlen(originator_login) == len) + if (Ustrlen(originator_login) == len && + strncmpic(s, originator_login, len) == 0) { uschar *name = is_resent? US"Resent-From" : US"From"; header_add(htype_from, "%s: %s <%s@%s>\n", name, originator_name, -- 2.30.2