diff options
author | Phil Pennock <phil+git@pennock-tech.com> | 2020-10-29 11:47:58 -0400 |
---|---|---|
committer | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2021-04-28 00:40:19 +0200 |
commit | 6d2cfb575c95c1b81597d6b9eb2904cd695d7e4a (patch) | |
tree | b9b310a4bf82e54ce9977ed253ede00f2a3d4a6c /src/src/macros.h | |
parent | 7a7136ba7f5c2db33c7e320ffd4675335c4557e5 (diff) | |
download | exim4-6d2cfb575c95c1b81597d6b9eb2904cd695d7e4a.tar.gz |
SECURITY: fix Qualys CVE-2020-SLCWD
(cherry picked from commit bf5f9d56fadf9be8d947f141d31f7e0e8fa63762)
Diffstat (limited to 'src/src/macros.h')
-rw-r--r-- | src/src/macros.h | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/src/src/macros.h b/src/src/macros.h index cebbf4085..f83ba1933 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -153,7 +153,9 @@ enough to hold all the headers from a normal kind of message. */ /* The initial size of a big buffer for use in various places. It gets put into big_buffer_size and in some circumstances increased. It should be at least -as long as the maximum path length. */ +as long as the maximum path length PLUS room for string additions. +Let's go with "at least twice as large as maximum path length". +*/ #ifdef AUTH_HEIMDAL_GSSAPI /* RFC 4121 section 5.2, SHOULD support 64K input buffers */ @@ -162,10 +164,12 @@ as long as the maximum path length. */ # define __BIG_BUFFER_SIZE 16384 #endif -#if defined PATH_MAX && PATH_MAX > __BIG_BUFFER_SIZE -# define BIG_BUFFER_SIZE PATH_MAX -#elif defined MAXPATHLEN && MAXPATHLEN > __BIG_BUFFER_SIZE -# define BIG_BUFFER_SIZE MAXPATHLEN +#ifndef PATH_MAX +/* exim.h will have ensured this exists before including us. */ +# error headers confusion, PATH_MAX missing in macros.h +#endif +#if (PATH_MAX*2) > __BIG_BUFFER_SIZE +# define BIG_BUFFER_SIZE (PATH_MAX*2) #else # define BIG_BUFFER_SIZE __BIG_BUFFER_SIZE #endif |