summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2016-05-22 22:32:43 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2016-05-24 20:25:15 +0100
commit05392bbc11cd269cbf23f0f1e39023ba84787cf2 (patch)
tree892695c075156e97a395e1273572f391bb1b5ffb
parentba59b14d895cc44ddb548eb1f70f75377655b638 (diff)
Fix crash in VRFY handling for an unqualified name. Bug 1836
Introduced-by: 4f6ae5c314e5
-rw-r--r--doc/doc-docbook/spec.xfpt2
-rw-r--r--doc/doc-txt/ChangeLog3
-rw-r--r--src/src/smtp_in.c43
-rw-r--r--test/scripts/0000-Basic/00412
-rw-r--r--test/stdout/00412
5 files changed, 39 insertions, 13 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index d625d88b5..42e116182 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -38394,7 +38394,7 @@ form of the name.
Log lines and Received-by: header lines will acquire a "utf8"
prefix on the protocol element, eg. utf8esmtp.
-The following expansion operator can be used:
+The following expansion operators can be used:
.code
${utf8_domain_to_alabel:str}
${utf8_domain_from_alabel:str}
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f5e9b8dea..eca1defa8 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -32,6 +32,9 @@ JH/06 Bug 165: hide more cases of password exposure - this time in expansions
JH/07 Retire gnutls_require_mac et.al. These were nonfunctional since 4.80
and logged a warning sing 4.83; now they are a configuration file error.
+JH/08 Bug 1836: Fix crash in VRFY handling when handed an unqualified name
+ (lacking @domain). Apply the same qualification processing as RCPT.
+
Exim version 4.87
-----------------
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index d66b59e30..0d509a38d 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -4352,14 +4352,13 @@ while (done <= 0)
/* Apply SMTP rewriting then extract the working address. Don't allow "<>"
as a recipient address */
- recipient = ((rewrite_existflags & rewrite_smtp) != 0)?
- rewrite_one(smtp_cmd_data, rewrite_smtp, NULL, FALSE, US"",
- global_rewrite_rules) : smtp_cmd_data;
+ recipient = rewrite_existflags & rewrite_smtp
+ ? rewrite_one(smtp_cmd_data, rewrite_smtp, NULL, FALSE, US"",
+ global_rewrite_rules)
+ : smtp_cmd_data;
- /* rfc821_domains = TRUE; << no longer needed */
recipient = parse_extract_address(recipient, &errmess, &start, &end,
&recipient_domain, FALSE);
- /* rfc821_domains = FALSE; << no longer needed */
if (recipient == NULL)
{
@@ -4380,7 +4379,6 @@ while (done <= 0)
we must always qualify this address, regardless. */
if (recipient_domain == 0)
- {
if (allow_unqualified_recipient ||
strcmpic(recipient, US"postmaster") == 0)
{
@@ -4400,7 +4398,6 @@ while (done <= 0)
host_lookup_msg);
break;
}
- }
/* Check maximum allowed */
@@ -4586,18 +4583,40 @@ while (done <= 0)
HAD(SCH_VRFY);
- if(!(address = parse_extract_address(smtp_cmd_data, &errmess, &start, &end,
- &recipient_domain, FALSE)))
+ if (!(address = parse_extract_address(smtp_cmd_data, &errmess,
+ &start, &end, &recipient_domain, FALSE)))
+ {
smtp_printf("501 %s\r\n", errmess);
+ break;
+ }
+
+ if (recipient_domain == 0)
+ if ( allow_unqualified_recipient
+ || strcmpic(address, US"postmaster") == 0)
+ {
+ DEBUG(D_receive) debug_printf("unqualified address %s accepted\n",
+ recipient);
+ recipient_domain = Ustrlen(recipient) + 1;
+ address = rewrite_address_qualify(address, TRUE);
+ }
+ else
+ {
+ smtp_printf("501 %s: recipient address must contain a domain\r\n",
+ smtp_cmd_data);
+ log_write(L_smtp_syntax_error,
+ LOG_MAIN|LOG_REJECT, "unqualified verify rejected: <%s> %s%s",
+ address, host_and_ident(TRUE), host_lookup_msg);
+ break;
+ }
- else if ((rc = acl_check(ACL_WHERE_VRFY, address, acl_smtp_vrfy,
+ if ((rc = acl_check(ACL_WHERE_VRFY, address, acl_smtp_vrfy,
&user_msg, &log_msg)) != OK)
done = smtp_handle_acl_fail(ACL_WHERE_VRFY, rc, user_msg, log_msg);
else
{
- uschar *s = NULL;
+ uschar * s = NULL;
+ address_item * addr = deliver_make_addr(address, FALSE);
- address_item *addr = deliver_make_addr(address, FALSE);
switch(verify_address(addr, NULL, vopt_is_recipient | vopt_qualify, -1,
-1, -1, NULL, NULL, NULL))
{
diff --git a/test/scripts/0000-Basic/0041 b/test/scripts/0000-Basic/0041
index 3495375cb..0f8cdb3b5 100644
--- a/test/scripts/0000-Basic/0041
+++ b/test/scripts/0000-Basic/0041
@@ -2,6 +2,8 @@
exim -bh 1.1.1.1
vrfy userx@test.ex
vrfy hardfail@test.ex
+vrfy unqual
+vrfy
expn postmaster
quit
****
diff --git a/test/stdout/0041 b/test/stdout/0041
index b88c93ac7..6b22865b0 100644
--- a/test/stdout/0041
+++ b/test/stdout/0041
@@ -6,6 +6,8 @@
220 the.local.host.name ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
252 Administrative prohibition
599 custom reject
+501 unqual: recipient address must contain a domain
+501 empty address
550 Administrative prohibition
221 the.local.host.name closing connection