diff options
| author | Gilles Chehade <gilles@cvs.openbsd.org> | 2019-08-10 15:46:23 +0000 |
|---|---|---|
| committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2019-08-10 15:46:23 +0000 |
| commit | f3a1f82338939190c6e436a7a8311717887f63d2 (patch) | |
| tree | 9541f91a27156ad65c725a7306375032f47caecb /usr.sbin | |
| parent | f1836abd2173a7395c114a6e3f07cf16384efc0c (diff) | |
enforce domain length check in valid_domainpart(), checking it in caller is
not the proper place, also since helo uses valid_domainpart(), such a check
would have indirectly prevented last weeks errata.
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/smtpd/util.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/usr.sbin/smtpd/util.c b/usr.sbin/smtpd/util.c index 509e9ffe6e4..4b3ad22def8 100644 --- a/usr.sbin/smtpd/util.c +++ b/usr.sbin/smtpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.143 2019/08/10 09:35:43 gilles Exp $ */ +/* $OpenBSD: util.c,v 1.144 2019/08/10 15:46:22 gilles Exp $ */ /* * Copyright (c) 2000,2001 Markus Friedl. All rights reserved. @@ -510,6 +510,7 @@ valid_domainpart(const char *s) struct in6_addr ina6; char *c, domain[SMTPD_MAXDOMAINPARTSIZE]; const char *p; + size_t dlen; if (*s == '[') { if (strncasecmp("[IPv6:", s, 6) == 0) @@ -537,7 +538,11 @@ valid_domainpart(const char *s) if (*s == '\0') return 0; - if (s[strlen(s) - 1] == '.') + dlen = strlen(s); + if (dlen >= sizeof domain) + return 0; + + if (s[dlen - 1] == '.') return 0; return res_hnok(s); |