diff options
| author | Phil Pennock <phil+git@pennock-tech.com> | 2020-10-29 20:42:40 -0400 |
|---|---|---|
| committer | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2021-05-27 21:30:26 +0200 |
| commit | bafc62583bc4ded96e3a66d2fb98c9d7afaa8768 (patch) | |
| tree | 1401d75e39c1d99803cf6ebe313470a1a5205073 /src | |
| parent | cb08e2f59f2166660abc998a0554e64c61d4a0f5 (diff) | |
SECURITY: fix Qualys CVE-2020-PFPZA
(cherry picked from commit 29d7a8c25f182c91d5d30f124f9e296dce5c018e)
(cherry picked from commit 0a6a7a3fd8464bae9ce0cf889e8eeb0bf0bab756)
Diffstat (limited to 'src')
| -rw-r--r-- | src/src/parse.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/src/parse.c b/src/src/parse.c index 7dfb9a7eb..8d689e88a 100644 --- a/src/src/parse.c +++ b/src/src/parse.c @@ -984,6 +984,11 @@ if (i < len) /* No non-printers; use the RFC 822 quoting rules */ +if (!len) + { + return string_copy_taint_function("", is_tainted(phrase)); + } + buffer = store_get(len*4, is_tainted(phrase)); s = phrase; |