fetchmail/fetchmail-6.3.8-CVE-2007-4565.patch

diff -up fetchmail-6.3.8/sink.c.cve_2007_4565 fetchmail-6.3.8/sink.c
--- fetchmail-6.3.8/sink.c.cve_2007_4565	2007-03-30 00:45:17.000000000 +0200
+++ fetchmail-6.3.8/sink.c	2008-09-18 11:38:09.000000000 +0200
@@ -262,7 +262,7 @@ static int send_bouncemail(struct query 
     const char *md1 = "MAILER-DAEMON", *md2 = "MAILER-DAEMON@";
 
     /* don't bounce in reply to undeliverable bounces */
-    if (!msg->return_path[0] ||
+    if (!msg || !msg->return_path[0] ||
 	strcmp(msg->return_path, "<>") == 0 ||
 	strcasecmp(msg->return_path, md1) == 0 ||
 	strncasecmp(msg->return_path, md2, strlen(md2)) == 0)
Rediff all patches to work with patch --fuzz=0 2008-09-18 09:40:55 +00:00			`diff -up fetchmail-6.3.8/sink.c.cve_2007_4565 fetchmail-6.3.8/sink.c`
			`--- fetchmail-6.3.8/sink.c.cve_2007_4565 2007-03-30 00:45:17.000000000 +0200`
			`+++ fetchmail-6.3.8/sink.c 2008-09-18 11:38:09.000000000 +0200`
			`@@ -262,7 +262,7 @@ static int send_bouncemail(struct query`
add patch 2007-09-04 12:43:38 +00:00			`const char md1 = "MAILER-DAEMON", md2 = "MAILER-DAEMON@";`

			`/* don't bounce in reply to undeliverable bounces */`
			`- if (!msg->return_path[0] \|\|`
			`+ if (!msg \|\| !msg->return_path[0] \|\|`
			`strcmp(msg->return_path, "<>") == 0 \|\|`
			`strcasecmp(msg->return_path, md1) == 0 \|\|`
			`strncasecmp(msg->return_path, md2, strlen(md2)) == 0)`