diff options
author | nectar <nectar@FreeBSD.org> | 2003-09-17 15:10:36 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2003-09-17 15:10:36 +0000 |
commit | ac5ff30ae19ff6f7473f23c0d36d94301124b150 (patch) | |
tree | 744c5b0875a46b49b26ea91524f8ff2e06b5d440 /contrib/sendmail/src | |
parent | 3c5a1e863a66866807948f160122c79d2dd388f5 (diff) | |
download | FreeBSD-src-ac5ff30ae19ff6f7473f23c0d36d94301124b150.zip FreeBSD-src-ac5ff30ae19ff6f7473f23c0d36d94301124b150.tar.gz |
Correct address parsing bug that is believed to be remotely exploitable.
Submitted by: Michal Zalewski <lcamtuf@dione.ids.pl>
Diffstat (limited to 'contrib/sendmail/src')
-rw-r--r-- | contrib/sendmail/src/parseaddr.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index 6acc86d..8128171 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -700,7 +700,11 @@ prescan(addr, delim, pvpbuf, pvpbsize, delimptr, toktab) addr[MAXNAME] = '\0'; returnnull: if (delimptr != NULL) + { + if (p > addr) + p--; *delimptr = p; + } CurEnv->e_to = saveto; return NULL; } |