diff options
| -rw-r--r-- | doc/doc-txt/ChangeLog | 3 | ||||
| -rw-r--r-- | src/src/parse.c | 5 |
2 files changed, 8 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index c8b295b6e..0c7a8ad52 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -184,6 +184,9 @@ PP/05 Fix security issue CVE-2020-PFPSN and guard against cmdline invoker providing a particularly obnoxious sender full name. Reported by Qualys. +pp/06 Fix CVE-2020-28016 (PFPZA): Heap out-of-bounds write in parse_fix_phrase() + + Exim version 4.94 ----------------- diff --git a/src/src/parse.c b/src/src/parse.c index ba5489ba9..c50c8156d 100644 --- a/src/src/parse.c +++ b/src/src/parse.c @@ -979,6 +979,11 @@ if (i < len) /* No non-printers; use the RFC 822 quoting rules */ +if (!len) + { + return string_copy_taint_function("", is_tainted(phrase)); + } + buffer = store_get(len*4, is_tainted(phrase)); s = phrase; |