diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-10-09 23:45:02 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-10-09 23:45:02 +0000 |
commit | d2fac81bc71709206796116df1187a7dc4292a4d (patch) | |
tree | 32d6fc890344e5f54bd143626fc0b947c055b2dc | |
parent | 132f98ce7c2e6402f374842f2e716cc4360e5c3d (diff) |
Fix non-exploitable buffer oflow in test mode. Also add a line to uncomment
in sendmail/Makefile to cause sendmail to drop privs in test mode.
From sendmail+gshapiro@SENDMAIL.ORG
-rw-r--r-- | gnu/usr.sbin/sendmail/sendmail/Makefile | 5 | ||||
-rw-r--r-- | gnu/usr.sbin/sendmail/sendmail/macro.c | 9 | ||||
-rw-r--r-- | gnu/usr.sbin/sendmail/sendmail/main.c | 9 | ||||
-rw-r--r-- | gnu/usr.sbin/sendmail/sendmail/readcf.c | 2 | ||||
-rw-r--r-- | gnu/usr.sbin/sendmail/sendmail/stab.c | 1 |
5 files changed, 22 insertions, 4 deletions
diff --git a/gnu/usr.sbin/sendmail/sendmail/Makefile b/gnu/usr.sbin/sendmail/sendmail/Makefile index 6a20644422a..9da2b2c7795 100644 --- a/gnu/usr.sbin/sendmail/sendmail/Makefile +++ b/gnu/usr.sbin/sendmail/sendmail/Makefile @@ -1,10 +1,13 @@ -# $OpenBSD: Makefile,v 1.8 2000/08/01 12:57:47 millert Exp $ +# $OpenBSD: Makefile,v 1.9 2000/10/09 23:45:00 millert Exp $ PROG= sendmail WANT_LIBWRAP=1 WANT_LIBSMUTIL=1 +# To casue sendmail to drop privs in test mode (-bt) uncomment the following +#ENVDEF+= -D_FFR_TESTMODE_DROP_PRIVS + SRCS= main.c alias.c arpadate.c bf_torek.c clock.c collect.c \ conf.c control.c convtime.c daemon.c deliver.c domain.c \ envelope.c err.c headers.c macro.c map.c mci.c milter.c \ diff --git a/gnu/usr.sbin/sendmail/sendmail/macro.c b/gnu/usr.sbin/sendmail/sendmail/macro.c index 157e96b20e9..80cead76ed0 100644 --- a/gnu/usr.sbin/sendmail/sendmail/macro.c +++ b/gnu/usr.sbin/sendmail/sendmail/macro.c @@ -377,7 +377,7 @@ macid(p, ep) *ep = p + 1; if (tTd(35, 14)) dprintf("%c\n", *p); - return *p; + return ((unsigned int)*p) & 0xff; } bp = mbuf; while (*++p != '\0' && *p != '}' && bp < &mbuf[sizeof mbuf - 1]) @@ -401,7 +401,7 @@ macid(p, ep) else if (mbuf[1] == '\0') { /* ${x} == $x */ - mid = mbuf[0]; + mid = ((unsigned int)mbuf[0]) & 0xff; p++; } else @@ -428,6 +428,11 @@ macid(p, ep) } if (ep != NULL) *ep = p; + if (mid < 0 || mid > MAXMACROID) + { + syserr("Unable to assign macro/class ID (mid = 0x%x)", mid); + mid = 0; + } if (tTd(35, 14)) dprintf("0x%x\n", mid); return mid; diff --git a/gnu/usr.sbin/sendmail/sendmail/main.c b/gnu/usr.sbin/sendmail/sendmail/main.c index 661220188ce..5b9e73d3b8e 100644 --- a/gnu/usr.sbin/sendmail/sendmail/main.c +++ b/gnu/usr.sbin/sendmail/sendmail/main.c @@ -1517,6 +1517,15 @@ main(argc, argv, envp) { char buf[MAXLINE]; +#if _FFR_TESTMODE_DROP_PRIVS + dp = drop_privileges(TRUE); + if (dp != EX_OK) + { + CurEnv->e_id = NULL; + finis(TRUE, dp); + } +#endif /* _FFR_TESTMODE_DROP_PRIVS */ + if (isatty(fileno(stdin))) Verbose = 2; diff --git a/gnu/usr.sbin/sendmail/sendmail/readcf.c b/gnu/usr.sbin/sendmail/sendmail/readcf.c index 061500bed8c..c0bca9c06c2 100644 --- a/gnu/usr.sbin/sendmail/sendmail/readcf.c +++ b/gnu/usr.sbin/sendmail/sendmail/readcf.c @@ -2985,7 +2985,7 @@ setclass(class, str) dprintf("setclass(%s, %s)\n", macname(class), str); s = stab(str, ST_CLASS, ST_ENTER); - setbitn(class, s->s_class); + setbitn(((unsigned int)class) & 0xff, s->s_class); } } /* diff --git a/gnu/usr.sbin/sendmail/sendmail/stab.c b/gnu/usr.sbin/sendmail/sendmail/stab.c index 8ce82d4312d..717b02a7797 100644 --- a/gnu/usr.sbin/sendmail/sendmail/stab.c +++ b/gnu/usr.sbin/sendmail/sendmail/stab.c @@ -306,6 +306,7 @@ copy_class(src, dst) register STAB **shead; register STAB *s; + dst = ((unsigned int)dst) & 0xff; for (shead = SymTab; shead < &SymTab[STABSIZE]; shead++) { for (s = *shead; s != NULL; s = s->s_next) |