|
Line 0
Link Here
|
|
|
1 |
This patch solves the issue raised by CVE-2014-9116. |
| 2 |
|
| 3 |
We correctly redefine what are the whitespace characters as per RFC5322; by |
| 4 |
doing so we prevent mutt_substrdup from being used in a way that could lead to |
| 5 |
a segfault. |
| 6 |
|
| 7 |
The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent |
| 8 |
crashes due to this kind of bugs from happening again. |
| 9 |
|
| 10 |
Taken from the debian port for jessie. Thanks to the debian people! |
| 11 |
|
| 12 |
--- lib.c.orig |
| 13 |
+++ lib.c |
| 14 |
@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin, |
| 15 |
size_t len; |
| 16 |
char *p; |
| 17 |
|
| 18 |
+ if (end != NULL && end < begin) |
| 19 |
+ return NULL; |
| 20 |
+ |
| 21 |
if (end) |
| 22 |
len = end - begin; |
| 23 |
else |
| 24 |
--- lib.h.orig |
| 25 |
+++ lib.h |
| 26 |
@@ -98,7 +98,7 @@ |
| 27 |
on some systems */ |
| 28 |
# define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++; |
| 29 |
|
| 30 |
-#define EMAIL_WSP " \t\r\n" |
| 31 |
+#define EMAIL_WSP " \t\r" |
| 32 |
|
| 33 |
/* skip over WSP as defined by RFC5322. This is used primarily for parsing |
| 34 |
* header fields. */ |