92 lines
4.3 KiB
Diff
92 lines
4.3 KiB
Diff
diff -up evolution-data-server-3.28.5/src/camel/camel-stream-buffer.c.CVE-2020-14928 evolution-data-server-3.28.5/src/camel/camel-stream-buffer.c
|
|
--- evolution-data-server-3.28.5/src/camel/camel-stream-buffer.c.CVE-2020-14928 2018-07-30 15:17:06.000000000 +0200
|
|
+++ evolution-data-server-3.28.5/src/camel/camel-stream-buffer.c 2020-07-23 10:26:57.962555350 +0200
|
|
@@ -524,3 +524,22 @@ camel_stream_buffer_read_line (CamelStre
|
|
|
|
return g_strdup ((gchar *) sbf->priv->linebuf);
|
|
}
|
|
+
|
|
+/*
|
|
+ * camel_stream_buffer_discard_cache:
|
|
+ * @sbf: a #CamelStreamBuffer
|
|
+ *
|
|
+ * Discards any cached data in the @sbf. The next read reads
|
|
+ * from the stream.
|
|
+ *
|
|
+ * Since: 3.28.5-14
|
|
+ */
|
|
+void
|
|
+camel_stream_buffer_discard_cache (CamelStreamBuffer *sbf)
|
|
+{
|
|
+ g_return_if_fail (CAMEL_IS_STREAM_BUFFER (sbf));
|
|
+
|
|
+ sbf->priv->ptr = sbf->priv->buf;
|
|
+ sbf->priv->end = sbf->priv->buf;
|
|
+ sbf->priv->ptr[0] = '\0';
|
|
+}
|
|
diff -up evolution-data-server-3.28.5/src/camel/camel-stream-buffer.h.CVE-2020-14928 evolution-data-server-3.28.5/src/camel/camel-stream-buffer.h
|
|
--- evolution-data-server-3.28.5/src/camel/camel-stream-buffer.h.CVE-2020-14928 2018-07-30 15:17:06.000000000 +0200
|
|
+++ evolution-data-server-3.28.5/src/camel/camel-stream-buffer.h 2020-07-23 10:26:57.963555348 +0200
|
|
@@ -93,6 +93,8 @@ gint camel_stream_buffer_gets (CamelStr
|
|
gchar * camel_stream_buffer_read_line (CamelStreamBuffer *sbf,
|
|
GCancellable *cancellable,
|
|
GError **error);
|
|
+void camel_stream_buffer_discard_cache
|
|
+ (CamelStreamBuffer *sbf);
|
|
|
|
G_END_DECLS
|
|
|
|
diff -up evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-store.c.CVE-2020-14928 evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-store.c
|
|
--- evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-store.c.CVE-2020-14928 2018-07-30 15:17:06.000000000 +0200
|
|
+++ evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-store.c 2020-07-23 10:26:57.963555348 +0200
|
|
@@ -208,6 +208,8 @@ connect_to_server (CamelService *service
|
|
|
|
if (tls_stream != NULL) {
|
|
camel_stream_set_base_stream (stream, tls_stream);
|
|
+ /* Truncate any left cached input from the insecure part of the session */
|
|
+ camel_pop3_stream_discard_cache (pop3_engine->stream);
|
|
g_object_unref (tls_stream);
|
|
} else {
|
|
g_prefix_error (
|
|
diff -up evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.c.CVE-2020-14928 evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.c
|
|
--- evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.c.CVE-2020-14928 2018-07-30 15:17:06.000000000 +0200
|
|
+++ evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.c 2020-07-23 10:26:57.963555348 +0200
|
|
@@ -457,3 +457,14 @@ camel_pop3_stream_getd (CamelPOP3Stream
|
|
|
|
return 1;
|
|
}
|
|
+
|
|
+void
|
|
+camel_pop3_stream_discard_cache (CamelPOP3Stream *is)
|
|
+{
|
|
+ if (is) {
|
|
+ is->ptr = is->end = is->buf;
|
|
+ is->lineptr = is->linebuf;
|
|
+ is->lineend = is->linebuf + CAMEL_POP3_STREAM_LINE_SIZE;
|
|
+ is->ptr[0] = '\n';
|
|
+ }
|
|
+}
|
|
diff -up evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.h.CVE-2020-14928 evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.h
|
|
--- evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.h.CVE-2020-14928 2018-07-30 15:17:06.000000000 +0200
|
|
+++ evolution-data-server-3.28.5/src/camel/providers/pop3/camel-pop3-stream.h 2020-07-23 10:26:57.963555348 +0200
|
|
@@ -87,6 +87,7 @@ gint camel_pop3_stream_getd (CamelPOP3
|
|
guint *len,
|
|
GCancellable *cancellable,
|
|
GError **error);
|
|
+void camel_pop3_stream_discard_cache (CamelPOP3Stream *is);
|
|
|
|
G_END_DECLS
|
|
|
|
diff -up evolution-data-server-3.28.5/src/camel/providers/smtp/camel-smtp-transport.c.CVE-2020-14928 evolution-data-server-3.28.5/src/camel/providers/smtp/camel-smtp-transport.c
|
|
--- evolution-data-server-3.28.5/src/camel/providers/smtp/camel-smtp-transport.c.CVE-2020-14928 2018-07-30 15:17:06.000000000 +0200
|
|
+++ evolution-data-server-3.28.5/src/camel/providers/smtp/camel-smtp-transport.c 2020-07-23 10:26:57.963555348 +0200
|
|
@@ -319,6 +319,8 @@ connect_to_server (CamelService *service
|
|
|
|
if (tls_stream != NULL) {
|
|
camel_stream_set_base_stream (stream, tls_stream);
|
|
+ /* Truncate any left cached input from the insecure part of the session */
|
|
+ camel_stream_buffer_discard_cache (transport->istream);
|
|
g_object_unref (tls_stream);
|
|
} else {
|
|
g_prefix_error (
|