CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()

Based on Phil Pennock's 8a50c88a, done by Qualys (cherry picked from commit 8161c16ec7320ac6164954bade23179a0ed095eb)
author: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2021-03-29 22:44:47 +0200
committer: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2021-04-28 00:40:41 +0200
commit: 71585e8fcb8704a9f431f5a8d019280cccaad069 (patch)
tree: 46f3f0df90b7f8f1e2e4d6cf381e4b302dff2899
parent: 08102cbe8102f99b31655aa0e926c45b427efe6d (diff)
download: exim4-71585e8fcb8704a9f431f5a8d019280cccaad069.tar.gz
1 files changed, 1 insertions, 6 deletions
diff --git a/src/src/parse.c b/src/src/parse.c
index 3f1ba222f..32b42cd29 100644
--- a/src/src/parse.c
+++ b/src/src/parse.c
@@ -1129,12 +1129,7 @@ while (s < end)
             {
             if (ss >= end) ss--;
             *t++ = '(';
-            if (ss < s)
-              {
-              /* Someone has ended the string with "<punct>(". */
-              ss = s;
-              }
-            else
+            if (ss > s)
               {
               Ustrncpy(t, s, ss-s);
               t += ss-s;
author	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2021-03-29 22:44:47 +0200
committer	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2021-04-28 00:40:41 +0200
commit	71585e8fcb8704a9f431f5a8d019280cccaad069 (patch)
tree	46f3f0df90b7f8f1e2e4d6cf381e4b302dff2899
parent	08102cbe8102f99b31655aa0e926c45b427efe6d (diff)
download	exim4-71585e8fcb8704a9f431f5a8d019280cccaad069.tar.gz