[exim-dev] ${certextract ...} RFC4514 DN custom separator bu…

Top Page
Delete this message
Reply to this message
Author: Roman Rybalko
Date:  
To: exim-dev
Subject: [exim-dev] ${certextract ...} RFC4514 DN custom separator bug in tls_field_from_dn() SIGSEGV
Hallo zusammen,

I've found a bug in ${certextract ...} clause when handling custom
separator for RFC4514 DN.

Example:
${certextract{subject,>/}{$tls_in_ourcert}}
The process gets SIGSEGV (strlen(NULL) called, see the source).

The fix (against 4.84) is attached (tls_field_from_dn-4.84.diff).

--
Best regards,
Roman Rybalko

commit cc96493b0e1b66b32592478a1b9197d83ee9e2f2
Author: Roman Rybalko <devel@???>
Date: Wed Dec 24 16:10:36 2014 +0300

    tls_field_from_dn() fix for custom out separator


diff --git src/tls.c src/tls.c
index f2ab567..41e72d7 100644
--- src/tls.c
+++ src/tls.c
@@ -249,10 +249,18 @@ while ((ele = string_nextinlist(&mod, &insep, NULL, 0)))

 dn_to_list(dn);
 insep = ',';
-len = Ustrlen(match);
-while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
-  if (Ustrncmp(ele, match, len) == 0 && ele[len] == '=')
-    list = string_append_listele(list, outsep, ele+len+1);
+if (match)
+  {
+  len = Ustrlen(match);
+  while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
+    if (Ustrncmp(ele, match, len) == 0 && ele[len] == '=')
+      list = string_append_listele(list, outsep, ele+len+1);
+  }
+else
+  {
+  while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
+    list = string_append_listele(list, outsep, ele);
+  }
 return list;
 }