QPOPPER problem....
Date: Sat, 27 Jun 1998 15:47:39 -0300
From: "Bruno Lopes F. Cabral" <[email protected]>
To: [email protected]
Subject: Re: QPOPPER problem....
Hi there
Here is the proper join of Miquel van Smoorenburg and Roy Hooper
security patches applied to qpopper 2.4.
as I maintain the rpm version of pammified qpopper, you could grab everything
from ftp://ftp.openline.com.br/mirror/contrib/qpopper-2.4-2.src.rpm
!3runo
diff -uNr qpopper2.4-orig/pop_dropcopy.c qpopper2.4/pop_dropcopy.c
--- qpopper2.4-orig/pop_dropcopy.c Fri Sep 12 17:23:02 1997
+++ qpopper2.4/pop_dropcopy.c Sat Jun 27 14:41:01 1998
@@ -457,6 +457,9 @@
} else
cp = "";
+ /* Make UIDL not longer then 128 chars, we use it
+ in sprintf() later on */
+ if (strlen(cp) >= 128) cp[127] = 0;
mp->uidl_str = (char *)strdup(cp);
mp->length += nchar + 1;
p->drop_size += nchar + 1;
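Review bot: The 128-character cap on `cp` is a bare constant tied to a `sprintf()` buffer that is not visible in this hunk, so the two sizes can drift apart; the bound is safer at that sink (a precision such as `%.127s`, or `snprintf`) or behind one shared named constant. Truncating in place also means two messages whose UIDLs share their first 127 characters end up with the same `uidl_str`, which the comment should state, e.g. `/* Cap UIDL at 127 chars (longer ones are truncated and may collide); it is formatted into a fixed buffer later */`. The `strdup(cp)` result on the next line is stored without a NULL check. The enclosing function starts and ends outside the hunk.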
diff -uNr qpopper2.4-orig/pop_log.c qpopper2.4/pop_log.c
--- qpopper2.4-orig/pop_log.c Thu Sep 11 21:21:21 1997
+++ qpopper2.4/pop_log.c Sat Jun 27 14:41:57 1998
@@ -47,7 +47,7 @@
#endif
#ifdef HAVE_VPRINTF
- vsprintf(msgbuf,format,ap);
+ vsnprintf(msgbuf,sizeof(msgbuf),format,ap);
#else
# ifdef PYRAMID
(void)sprintf(msgbuf,format, arg1, arg2, arg3, arg4, arg5, arg6);
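Review bot: Only the `HAVE_VPRINTF` branch is bounded; the `PYRAMID` fallback directly below still formats into `msgbuf` with an unbounded `sprintf`, so builds that take the `#else` path keep the overflow, and the same holds for the `#else` branch in the pop_msg.c hunk. Where `snprintf` is available, `(void)snprintf(msgbuf, sizeof(msgbuf), format, arg1, arg2, arg3, arg4, arg5, arg6);` closes it. `sizeof(msgbuf)` is the buffer size only if `msgbuf` is declared as an array, which is outside the hunk and should be confirmed. `HAVE_VPRINTF` does not by itself establish that `vsnprintf` exists on the target, so a separate configure check would be needed.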
@@ -67,6 +67,8 @@
(void)fflush(p->trace);
}
else {
+ /* Protect syslog from too long messages */
+ if (strlen(msgbuf) >= 512) msgbuf[511] = 0;
syslog (stat,"%s",msgbuf);
}
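Review bot: The 512 limit is a bare constant, and the truncation runs after `msgbuf` has already been filled, so it limits what reaches syslog but does nothing for the buffer itself. A precision in the format gives the same cap without the extra `strlen` and in-place write: `syslog (stat,"%.511s",msgbuf);`. If `msgbuf` is declared smaller than 512 bytes (declaration outside the hunk) the added check can never be true.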
diff -uNr qpopper2.4-orig/pop_msg.c qpopper2.4/pop_msg.c
--- qpopper2.4-orig/pop_msg.c Thu Sep 11 21:21:41 1997
+++ qpopper2.4/pop_msg.c Sat Jun 27 14:42:42 1998
@@ -63,7 +63,7 @@
/* Append the message (formatted, if necessary) */
if (format)
#ifdef HAVE_VPRINTF
- vsprintf(mp,format,ap);
+ vsnprintf(mp,sizeof(message) - strlen(mp) -1,format,ap);
#else
# ifdef PYRAMID
(void)sprintf(mp,format, arg1, arg2, arg3, arg4, arg5, arg6);
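Review bot: The size passed to `vsnprintf` looks larger than the space actually left in the buffer. `mp` appears to be a cursor into `message` positioned after the status prefix (the setup is outside the hunk), so `strlen(mp)` is 0 here and the bound comes out as `sizeof(message) - 1` counted from `mp` rather than from the start of the array; the write can still run past the end by the length of the prefix. Measuring from the cursor fixes that: `vsnprintf(mp, sizeof(message) - (size_t)(mp - message), format, ap);`, less whatever room the code after the hunk needs for a line terminator. If the byte at `mp` is not yet a NUL, `strlen(mp)` also reads uninitialised memory.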