From: Philip Hazel Date: Mon, 8 Aug 2005 09:57:29 +0000 (+0000) Subject: Fix memory bug (could segfault) for $reply_address when Reply-to: is X-Git-Tag: exim-4_53~60 X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/41a13e0aab243e127589673148ca9f136d21ff83?ds=sidebyside Fix memory bug (could segfault) for $reply_address when Reply-to: is empty and From: does not exist. --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index b953ab84e..8a00fffd9 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.198 2005/08/03 09:29:24 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.199 2005/08/08 09:57:29 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -60,6 +60,9 @@ JJ/01 exipick: added $message_exim_id variable (see 4.53-PH/04) TK/03 Fix log output including CR from clamd. +PH/14 A reference to $reply_address when Reply-to: was empty and From: did not + exist provoked a memory error which could cause a segfault. + Exim version 4.52 ----------------- diff --git a/src/src/expand.c b/src/src/expand.c index 92e342d37..25e286390 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/expand.c,v 1.39 2005/08/01 15:01:12 ph10 Exp $ */ +/* $Cambridge: exim/src/src/expand.c,v 1.40 2005/08/08 09:57:29 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -1427,7 +1427,10 @@ while (last > first) s = find_header(US"reply-to:", exists_only, newsize, FALSE, headers_charset); if (s == NULL || *s == 0) + { + *newsize = 0; /* For the *s==0 case */ s = find_header(US"from:", exists_only, newsize, FALSE, headers_charset); + } return (s == NULL)? US"" : s; /* A recipients list is available only during system message filtering,