https://bugs.exim.org/show_bug.cgi?id=1836
Bug ID: 1836
Summary: Unqualified arguments to VRFY (when received over
local or remote SMTP) cause a segfault.
Product: Exim
Version: 4.87
Hardware: All
OS: All
Status: NEW
Severity: bug
Priority: medium
Component: ACLs
Assignee: jgh146exb@???
Reporter: scrapedsebby@???
CC: exim-dev@???
An unqualified argument to VRFY in SMTP causes a segfault (0x1). This seems to
be new with 4.87 where the ACL is processing the argument. Splitting works
correctly if there is an @ in the string, but it appears the address is assumed
qualified otherwise, which leads to an access violation at address 1 where the
length of a buffer is calculated on a NULL pointer following address splitting
with strrchr returning NULL.
smtp_setup_msg > acl_check > deliver_split_address > string_copylc >
strelen(NULL)
Verification otherwise works with unqualified addresses (with -bv). EXPN also
works (although no ability to customise with the recipient ACL as for VRFY).
--
You are receiving this mail because:
You are on the CC list for the bug.
