From e12d2e7bc2e9f0c30a1029602e57e5ae8df1b9db Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 30 Oct 2020 13:58:01 +0000 Subject: [PATCH 41/42] LDAP: fix taint-check in server list walk. Bug 2646 (cherry picked from commit 51b611aa81d7ee01243b196abc34a0e2eabd293c) --- doc/ChangeLog | 5 +++++ src/lookups/ldap.c | 3 +-- diff --git doc/ChangeLog doc/ChangeLog index ec1b03304..9924fca5c 100644 --- doc/ChangeLog +++ doc/ChangeLog @@ -102,6 +102,11 @@ JH/22 Bug 2265: Force SNI usage for smtp transport DANE'd connections, to be JH/23 Logging: with the +tls_sni log_selector, do not wrap the received SNI in quotes. +JH/26 Bug 2646: fix a memory usage issue in ldap lookups. Previously, when more + than one server was defined and depending on the platform memory layout + details, an internal consistency trap could be hit while walking the list + of servers. + Exim version 4.94 ----------------- diff --git src/lookups/ldap.c src/lookups/ldap.c index ef550a08d..34908a351 100644 --- src/lookups/ldap.c +++ src/lookups/ldap.c @@ -1093,7 +1093,6 @@ uschar *password = NULL; uschar *local_servers = NULL; uschar *server; const uschar *list; -uschar buffer[512]; while (isspace(*url)) url++; @@ -1254,7 +1253,7 @@ if (!eldap_default_servers && !local_servers || p[3] != '/') /* Loop through the default servers until OK or FAIL. Use local_servers list * if defined in the lookup, otherwise use the global default list */ list = !local_servers ? eldap_default_servers : local_servers; -while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))) +while ((server = string_nextinlist(&list, &sep, NULL, 0))) { int rc; int port = 0; -- 2.29.2