mirror of https://git.FreeBSD.org/ports.git synced 2024-12-24 04:33:24 +00:00

Fix a format string vulnerability that could be exploited by an Exim

admin user to gain root privilege.
Sheldon Hearn 2003-01-13 16:07:08 +00:00
parent b97c033272
commit cef6c361e1
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=73053
2 changed files with 38 additions and 0 deletions


@ -7,6 +7,7 @@
PORTNAME= exim
PORTVERSION= 3.36
PORTREVISION= 1
CATEGORIES= mail
MASTER_SITES= ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim3/ \
http://www.exim.org/ftp/exim3/ \


@ -0,0 +1,37 @@
*** src/daemon.c Thu Apr 4 13:56:16 2002
--- src/daemon.c Wed Dec 4 11:01:39 2002
***************
*** 590,596 ****
if (pid_file_path[0] == 0)
sprintf(buff, "%s/exim-daemon.pid", spool_directory);
else
! sprintf(buff, pid_file_path, "");
}
else
{
--- 590,596 ----
if (pid_file_path[0] == 0)
sprintf(buff, "%s/exim-daemon.pid", spool_directory);
else
! strcpy(buff, pid_file_path);
}
else
{
***************
*** 598,606 ****
sprintf(buff, "%s/exim-daemon.%d.pid", spool_directory, smtp_port);
else
{
! char dbuff[12];
! sprintf(dbuff, ".%d", smtp_port);
! sprintf(buff, pid_file_path, dbuff);
}
}
--- 598,604 ----
sprintf(buff, "%s/exim-daemon.%d.pid", spool_directory, smtp_port);
else
{
! strcpy(buff, pid_file_path);
}
}
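Review bot: Both replacement lines `strcpy(buff, pid_file_path);` (in the 590 and 598 hunks of src/daemon.c) stop the setting from being used as a format string, but they still copy it into `buff` with no length bound. A value longer than `buff` would therefore overrun it. The declaration of `buff` and the origin of `pid_file_path` are outside these hunks, so the size and any earlier length check need confirming there. If `buff` is a local array, a bounded copy such as `if (snprintf(buff, sizeof(buff), "%s", pid_file_path) >= (int)sizeof(buff)) /* reject over-long path */;` would close the gap. Separately, the 598 hunk drops the `.%d` port suffix that used to be substituted into `pid_file_path`, so daemons on different ports sharing one setting would presumably write the same pid file; that behaviour change deserves a comment in the patch or a note for users.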