diff options
-rw-r--r-- | doc/doc-txt/ChangeLog | 3 | ||||
-rw-r--r-- | src/src/smtp_in.c | 15 |
2 files changed, 13 insertions, 5 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 2f426ba5e..2c34c2176 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -118,6 +118,9 @@ JH/34 Bug 1648: Fix a memory leak seen with "mailq" and large queues. JH/35 Bug 1642: Fix support of $spam_ variables at delivery time. Was documented as working, but never had. Support all but $spam_report. +JH/36 Bug 1659: Guard checking of input smtp commands again pseudo-command + added for tls authenticator. + Exim version 4.85 ----------------- diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 476122045..cf0a5d642 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -159,7 +159,10 @@ AUTH is already forbidden. After a TLS session is started, AUTH's flag is again forced TRUE, to allow for the re-authentication that can happen at that point. QUIT is also "falsely" labelled as a mail command so that it doesn't up the -count of non-mail commands and possibly provoke an error. */ +count of non-mail commands and possibly provoke an error. + +tls_auth is a pseudo-command, never expected in input. It is activated +on TLS startup and looks for a tls authenticator. */ static smtp_cmd_list cmd_list[] = { /* name len cmd has_arg is_mail_cmd */ @@ -1028,10 +1031,12 @@ for (p = cmd_list; p < cmd_list_end; p++) continue; } #endif - if (strncmpic(smtp_cmd_buffer, US p->name, p->len) == 0 && - (smtp_cmd_buffer[p->len-1] == ':' || /* "mail from:" or "rcpt to:" */ - smtp_cmd_buffer[p->len] == 0 || - smtp_cmd_buffer[p->len] == ' ')) + if ( p->len + && strncmpic(smtp_cmd_buffer, US p->name, p->len) == 0 + && ( smtp_cmd_buffer[p->len-1] == ':' /* "mail from:" or "rcpt to:" */ + || smtp_cmd_buffer[p->len] == 0 + || smtp_cmd_buffer[p->len] == ' ' + ) ) { if (smtp_inptr < smtp_inend && /* Outstanding input */ p->cmd < sync_cmd_limit && /* Command should sync */ |