diff options
author | peter <peter@FreeBSD.org> | 1999-01-24 07:40:56 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1999-01-24 07:40:56 +0000 |
commit | d7ac03c10c41129058bfcad4473d778394642703 (patch) | |
tree | 67c9250e87bf08c97b1bdc067576510ed21ad091 /contrib/sendmail/src/readcf.c | |
parent | 2a7bd60222ce3c09208a265ad3a5f1490ccb6768 (diff) | |
download | FreeBSD-src-d7ac03c10c41129058bfcad4473d778394642703.zip FreeBSD-src-d7ac03c10c41129058bfcad4473d778394642703.tar.gz |
Check the patch obtained from sendmail.org for the header denial-of-service
attack into the vendor branch. It is a little unusual doing it this way
but it will eliminate (or minimize anyway) conflicts when 8.9.3 comes out.
Obtained from: sendmail.org (as posted on bugtraq, but without broken tabs)
Diffstat (limited to 'contrib/sendmail/src/readcf.c')
-rw-r--r-- | contrib/sendmail/src/readcf.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c index 56aa825..ab81027 100644 --- a/contrib/sendmail/src/readcf.c +++ b/contrib/sendmail/src/readcf.c @@ -1527,6 +1527,10 @@ struct optioninfo #define O_CONTROLSOCKET 0xa9 { "ControlSocketName", O_CONTROLSOCKET, FALSE }, #endif +#if _FFR_MAX_HEADER_LINES +#define O_MAXHDRLINES 0xaa + { "MaxHeaderLines", O_MAXHDRLINES, FALSE }, +#endif { NULL, '\0', FALSE } }; @@ -2466,6 +2470,25 @@ setoption(opt, val, safe, sticky, e) break; #endif +#if _FFR_MAX_HEADER_LINES + case O_MAXHDRLINES: + p = strchr(val, '/'); + if (p != NULL) + *p++ = '\0'; + MaxHeaderLines = atoi(val); + if (p != NULL && *p != '\0') + MaxHeaderLineLength = atoi(p); + + if (MaxHeaderLines > 0 && + MaxHeaderLines < 50) + printf("Warning: MaxHeaderLines: header line limit set lower than 50\n"); + + if (MaxHeaderLineLength > 0 && + MaxHeaderLineLength < MAXHDRLINELEN) + printf("Warning: MaxHeaderLines: header line length limit set lower than %d\n", MAXHDRLINELEN); + break; +#endif + default: if (tTd(37, 1)) { |