summaryrefslogtreecommitdiffstats
path: root/network/opensmtpd/openbsd64-020-smtpd.patch
diff options
context:
space:
mode:
Diffstat (limited to 'network/opensmtpd/openbsd64-020-smtpd.patch')
-rw-r--r--network/opensmtpd/openbsd64-020-smtpd.patch31
1 files changed, 0 insertions, 31 deletions
diff --git a/network/opensmtpd/openbsd64-020-smtpd.patch b/network/opensmtpd/openbsd64-020-smtpd.patch
deleted file mode 100644
index 8ce7178da8..0000000000
--- a/network/opensmtpd/openbsd64-020-smtpd.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-OpenBSD 6.4 errata 020, August 2, 2019
-
-smtpd can crash on excessively large input, causing a denial of service.
-
---- a/smtpd/smtp_session.c 3 Sep 2018 19:01:29 -0000 1.337
-+++ b/smtpd/smtp_session.c 1 Aug 2019 21:18:53 -0000
-@@ -1904,15 +1904,21 @@ smtp_reply(struct smtp_session *s, char
- {
- va_list ap;
- int n;
-- char buf[LINE_MAX], tmp[LINE_MAX];
-+ char buf[LINE_MAX*2], tmp[LINE_MAX*2];
-
- va_start(ap, fmt);
- n = vsnprintf(buf, sizeof buf, fmt, ap);
- va_end(ap);
-- if (n == -1 || n >= LINE_MAX)
-- fatalx("smtp_reply: line too long");
-+ if (n < 0)
-+ fatalx("smtp_reply: response format error");
- if (n < 4)
- fatalx("smtp_reply: response too short");
-+ if (n >= (int)sizeof buf) {
-+ /* only first three bytes are used by SMTP logic,
-+ * so if _our_ reply does not fit entirely in the
-+ * buffer, it's ok to truncate.
-+ */
-+ }
-
- log_trace(TRACE_SMTP, "smtp: %p: >>> %s", s, buf);
-