Remove mutt-1.5.23-sendlib.patch from dist-git
This commit is contained in:
Matej Muzila
parent
702501fa3e
commit
b12e5a2ba6
@ -1,43 +0,0 @@
|
||||
# HG changeset patch
|
||||
# User Kevin McCarthy <kevin@8t8.us>
|
||||
# Date 1417472364 28800
|
||||
# Mon Dec 01 14:19:24 2014 -0800
|
||||
# Branch stable
|
||||
# Node ID 54c59aaf88b9f6b50f1078fc6f7551fa9315ac3e
|
||||
# Parent 1b583341d5ad677c8a1935eb4110eba27606878a
|
||||
Revert write_one_header() to skip space and tab. (closes #3716)
|
||||
|
||||
This patch fixes CVE-2014-9116 in the stable branch. It reverts
|
||||
write_one_header() to the pre [f251d523ca5a] code for skipping
|
||||
whitespace.
|
||||
|
||||
Thanks to Antonio Radici and Tomas Hoger for their analysis and patches
|
||||
to mutt, which this patch is based off of.
|
||||
|
||||
diff --git a/sendlib.c b/sendlib.c
|
||||
--- a/sendlib.c
|
||||
+++ b/sendlib.c
|
||||
@@ -1809,17 +1809,22 @@
|
||||
{
|
||||
tagbuf = NULL;
|
||||
valbuf = mutt_substrdup (start, end);
|
||||
}
|
||||
else
|
||||
{
|
||||
tagbuf = mutt_substrdup (start, t);
|
||||
/* skip over the colon separating the header field name and value */
|
||||
- t = skip_email_wsp(t + 1);
|
||||
+ ++t;
|
||||
+
|
||||
+ /* skip over any leading whitespace (WSP, as defined in RFC5322) */
|
||||
+ while (*t == ' ' || *t == '\t')
|
||||
+ t++;
|
||||
+
|
||||
valbuf = mutt_substrdup (t, end);
|
||||
}
|
||||
dprint(4,(debugfile,"mwoh: buf[%s%s] too long, "
|
||||
"max width = %d > %d\n",
|
||||
NONULL(pfx), valbuf, max, wraplen));
|
||||
if (fold_one_header (fp, tagbuf, valbuf, pfx, wraplen, flags) < 0)
|
||||
return -1;
|
||||
FREE (&tagbuf);
|
||||
Loading…
Reference in New Issue
Block a user