diff options
author | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2021-03-30 22:48:06 +0200 |
---|---|---|
committer | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2021-04-28 00:40:49 +0200 |
commit | d600f6c4d0c5d33e3988dfbfee248ff6a1536673 (patch) | |
tree | 3b22b39335084116fd405264fcc88c5dfc39fb12 | |
parent | 3b8c0ceb7339329188e19efb907da950dbe691d1 (diff) | |
download | exim4-d600f6c4d0c5d33e3988dfbfee248ff6a1536673.tar.gz |
SECURITY: Leave a clean smtp_out input buffer even in case of read error
Based on Heiko Schlittermann's commit 54895bc3. This fixes:
7/ In src/smtp_out.c, read_response_line(), inblock->ptr is not updated
when -1 is returned. This does not seem to have bad consequences, but is
maybe not the intended behavior.
(cherry picked from commit 30f5d98786fb4e6ccfdd112fe65c153f0ee34c5f)
-rw-r--r-- | src/src/smtp_out.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c index d6dfba52e..d1f69024e 100644 --- a/src/src/smtp_out.c +++ b/src/src/smtp_out.c @@ -425,7 +425,7 @@ if (ob->socks_proxy) { int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface, sc->tblock, ob->connect_timeout); - + if (sock >= 0) { if (early_data && early_data->data && early_data->len) @@ -710,6 +710,7 @@ for (;;) /* Get here if there has been some kind of recv() error; errno is set, but we ensure that the result buffer is empty before returning. */ +inblock->ptr = inblock->ptrend = inblock->buffer; *buffer = 0; return -1; } |