summaryrefslogtreecommitdiffstats
path: root/contrib/sendmail/src/parseaddr.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/sendmail/src/parseaddr.c')
-rw-r--r--contrib/sendmail/src/parseaddr.c83
1 files changed, 54 insertions, 29 deletions
diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c
index 8128171..48ed142 100644
--- a/contrib/sendmail/src/parseaddr.c
+++ b/contrib/sendmail/src/parseaddr.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.6 2003/03/27 02:39:53 ca Exp $")
+SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.9 2003/09/16 18:07:50 ca Exp $")
static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *));
static int callsubr __P((char**, int, ENVELOPE *));
@@ -702,7 +702,7 @@ prescan(addr, delim, pvpbuf, pvpbsize, delimptr, toktab)
if (delimptr != NULL)
{
if (p > addr)
- p--;
+ --p;
*delimptr = p;
}
CurEnv->e_to = saveto;
@@ -885,9 +885,12 @@ prescan(addr, delim, pvpbuf, pvpbsize, delimptr, toktab)
}
} while (c != '\0' && (c != delim || anglecnt > 0));
*avp = NULL;
- p--;
if (delimptr != NULL)
+ {
+ if (p > addr)
+ p--;
*delimptr = p;
+ }
if (tTd(22, 12))
{
sm_dprintf("prescan==>");
@@ -970,6 +973,11 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
char buf[MAXLINE];
char name[6];
+ /*
+ ** mlp will not exceed mlist[] because readcf enforces
+ ** the upper limit of entries when reading rulesets.
+ */
+
if (ruleset < 0 || ruleset >= MAXRWSETS)
{
syserr("554 5.3.5 rewrite: illegal ruleset number %d", ruleset);
@@ -1004,6 +1012,8 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
}
if (pvp == NULL)
return EX_USAGE;
+ if (maxatom <= 0)
+ return EX_USAGE;
/*
** Run through the list of rewrite rules, applying
@@ -1291,16 +1301,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
while (pp <= m->match_last)
{
if (avp >= &npvp[maxatom])
- {
- syserr("554 5.3.0 rewrite: expansion too long");
- if (LogLevel > 9)
- sm_syslog(LOG_ERR,
- e->e_id,
- "rewrite: expansion too long, ruleset=%s, ruleno=%d",
- rulename,
- ruleno);
- return EX_DATAERR;
- }
+ goto toolong;
*avp++ = *pp++;
}
}
@@ -1407,7 +1408,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
char **default_rvp;
char cbuf[MAXNAME + 1];
char *pvpb1[MAXATOM + 1];
- char *argvect[10];
+ char *argvect[MAX_MAP_ARGS];
char pvpbuf[PSBUFSIZE];
char *nullpvp[1];
@@ -1431,13 +1432,19 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
{
endtoken = LOOKUPEND;
mapname = *++rvp;
+ if (mapname == NULL)
+ syserr("554 5.3.0 rewrite: missing mapname");
}
map = stab(mapname, ST_MAP, ST_FIND);
if (map == NULL)
- syserr("554 5.3.0 rewrite: map %s not found", mapname);
+ syserr("554 5.3.0 rewrite: map %s not found",
+ mapname);
/* extract the match part */
key_rvp = ++rvp;
+ if (key_rvp == NULL)
+ syserr("554 5.3.0 rewrite: missing key for map %s",
+ mapname);
default_rvp = NULL;
arg_rvp = argvect;
xpvp = NULL;
@@ -1446,7 +1453,8 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
{
int nodetype = **rvp & 0377;
- if (nodetype != CANONHOST && nodetype != CANONUSER)
+ if (nodetype != CANONHOST &&
+ nodetype != CANONUSER)
{
rvp++;
continue;
@@ -1459,7 +1467,9 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
cataddr(xpvp, NULL, replac,
&pvpbuf[sizeof pvpbuf] - replac,
'\0');
- *++arg_rvp = replac;
+ if (arg_rvp <
+ &argvect[MAX_MAP_ARGS - 1])
+ *++arg_rvp = replac;
replac += strlen(replac) + 1;
xpvp = NULL;
}
@@ -1481,9 +1491,13 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
cataddr(xpvp, NULL, replac,
&pvpbuf[sizeof pvpbuf] - replac,
'\0');
- *++arg_rvp = replac;
+ if (arg_rvp < &argvect[MAX_MAP_ARGS - 1])
+ *++arg_rvp = replac;
}
- *++arg_rvp = NULL;
+ if (arg_rvp >= &argvect[MAX_MAP_ARGS - 1])
+ argvect[MAX_MAP_ARGS - 1] = NULL;
+ else
+ *++arg_rvp = NULL;
/* save the remainder of the input string */
trsize = (int) (avp - rvp + 1) * sizeof *rvp;
@@ -1672,7 +1686,7 @@ callsubr(pvp, reclevel, e)
/*
** Now we need to call the ruleset specified for
- ** the subroutine. we can do this inplace since
+ ** the subroutine. We can do this in place since
** we call the "last" subroutine first.
*/
@@ -1870,6 +1884,7 @@ buildaddr(tv, a, flags, e)
register ENVELOPE *e;
{
bool tempfail = false;
+ int maxatom;
struct mailer **mp;
register struct mailer *m;
register char *p;
@@ -1884,6 +1899,7 @@ buildaddr(tv, a, flags, e)
printav(tv);
}
+ maxatom = MAXATOM;
if (a == NULL)
a = (ADDRESS *) sm_rpool_malloc_x(e->e_rpool, sizeof *a);
memset((char *) a, '\0', sizeof *a);
@@ -1923,14 +1939,22 @@ badaddr:
return a;
}
mname = *++tv;
+ --maxatom;
/* extract host and user portions */
if (*++tv != NULL && (**tv & 0377) == CANONHOST)
+ {
hostp = ++tv;
+ --maxatom;
+ }
else
hostp = NULL;
+ --maxatom;
while (*tv != NULL && (**tv & 0377) != CANONUSER)
+ {
tv++;
+ --maxatom;
+ }
if (*tv == NULL)
{
syserr("554 5.3.5 buildaddr: no user");
@@ -1941,6 +1965,7 @@ badaddr:
else if (hostp != NULL)
cataddr(hostp, tv - 1, hbuf, sizeof hbuf, '\0');
cataddr(++tv, NULL, ubuf, sizeof ubuf, ' ');
+ --maxatom;
/* save away the host name */
if (sm_strcasecmp(mname, "error") == 0)
@@ -2045,6 +2070,7 @@ badaddr:
{
p++;
tv++;
+ --maxatom;
a->q_flags |= QNOTREMOTE;
}
@@ -2075,11 +2101,11 @@ badaddr:
!bitset(RF_SENDERADDR|RF_HEADERADDR, flags))
{
/* sender addresses done later */
- (void) REWRITE(tv, 2, e);
+ (void) rewrite(tv, 2, 0, e, maxatom);
if (m->m_re_rwset > 0)
- (void) REWRITE(tv, m->m_re_rwset, e);
+ (void) rewrite(tv, m->m_re_rwset, 0, e, maxatom);
}
- (void) REWRITE(tv, 4, e);
+ (void) rewrite(tv, 4, 0, e, maxatom);
/* save the result for the command line/RCPT argument */
cataddr(tv, NULL, ubuf, sizeof ubuf, '\0');
@@ -2165,7 +2191,7 @@ cataddr(pvp, evp, buf, sz, spacesub)
break;
}
#if _FFR_CATCH_LONG_STRINGS
- /* Don't silently truncate long strings */
+ /* Don't silently truncate long strings; broken for evp != NULL */
if (*pvp != NULL)
syserr("cataddr: string too long");
#endif /* _FFR_CATCH_LONG_STRINGS */
@@ -2458,8 +2484,7 @@ emptyaddr(a)
**
** Parameters:
** name -- the name to translate.
-** m -- the mailer that we want to do rewriting relative
-** to.
+** m -- the mailer that we want to do rewriting relative to.
** flags -- fine tune operations.
** pstat -- pointer to status word.
** e -- the current envelope.
@@ -2654,7 +2679,6 @@ maplocaluser(a, sendq, aliaslevel, e)
{
register char **pvp;
register ADDRESS *SM_NONVOLATILE a1 = NULL;
- auto char *delimptr;
char pvpbuf[PSBUFSIZE];
if (tTd(29, 1))
@@ -2662,7 +2686,7 @@ maplocaluser(a, sendq, aliaslevel, e)
sm_dprintf("maplocaluser: ");
printaddr(a, false);
}
- pvp = prescan(a->q_user, '\0', pvpbuf, sizeof pvpbuf, &delimptr, NULL);
+ pvp = prescan(a->q_user, '\0', pvpbuf, sizeof pvpbuf, NULL, NULL);
if (pvp == NULL)
{
if (tTd(29, 9))
@@ -3108,6 +3132,7 @@ rscheck(rwset, p1, p2, e, flags, logl, host, logid)
** e -- the current envelope.
** pvp -- pointer to token vector.
** pvpbuf -- buffer space.
+** size -- size of buffer space.
**
** Returns:
** EX_UNAVAILABLE -- ruleset doesn't exist.
@@ -3175,7 +3200,7 @@ rscap(rwset, p1, p2, e, pvp, pvpbuf, size)
QuickAbort = false;
*pvp = prescan(buf, '\0', pvpbuf, size, NULL, NULL);
if (*pvp != NULL)
- rstat = REWRITE(*pvp, rsno, e);
+ rstat = rewrite(*pvp, rsno, 0, e, size);
else
{
if (tTd(48, 2))
OpenPOWER on IntegriCloud