CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()

(cherry picked from commit cad30cd3fb96196e908e0d66b1b45fdf377c850c)
author: Qualys Security Advisory <qsa@qualys.com> 2021-02-21 18:54:16 -0800
committer: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2021-04-28 00:40:38 +0200
commit: 1c261b90f627f0489f7dfcf1e66b46cce67f477d (patch)
tree: 48ff429e4110c3d667dacbf2b22b0a1d97f69d94
parent: 43c6f0b83200b7082353c50187ef75de3704580a (diff)
download: exim4-1c261b90f627f0489f7dfcf1e66b46cce67f477d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 4c73d4fac..4320ecd49 100644
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -825,7 +825,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next)
   /* VERIFICATION --------------------------------------------------------- */
   /* Be careful that the header sig included a bodyash */
 
-    if (  sig->bodyhash.data
+    if (sig->bodyhash.data && sig->bodyhash.len == b->bh.len
        && memcmp(b->bh.data, sig->bodyhash.data, b->bh.len) == 0)
       {
       DEBUG(D_acl) debug_printf("DKIM [%s] Body hash compared OK\n", sig->domain);
author	Qualys Security Advisory <qsa@qualys.com>	2021-02-21 18:54:16 -0800
committer	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2021-04-28 00:40:38 +0200
commit	1c261b90f627f0489f7dfcf1e66b46cce67f477d (patch)
tree	48ff429e4110c3d667dacbf2b22b0a1d97f69d94
parent	43c6f0b83200b7082353c50187ef75de3704580a (diff)
download	exim4-1c261b90f627f0489f7dfcf1e66b46cce67f477d.tar.gz