Gitweb:
https://git.exim.org/exim.git/commitdiff/e30f4f43de211b14bd405a3d0e1579b9bd814908
Commit: e30f4f43de211b14bd405a3d0e1579b9bd814908
Parent: 0768462dc5830cde5ae7a3659577fb557926db28
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Oct 20 21:03:30 2018 +0100
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Sun Oct 21 15:32:49 2018 +0100
Fix bad use of library, copying string over itself
---
doc/doc-txt/ChangeLog | 4 ++++
src/src/deliver.c | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 414dd98..70a4962 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -142,6 +142,10 @@ JH/30 Bug 2329: Increase buffer size used for dns lookup from 2k, which was
the way to the max DNS message size of 64kB, even though this might be
overmuch for IOT constrained device use.
+JH/31 Fix a bad use of a copy function, which could be used to pointlessly
+ copy a string over itself. The library routine is documented as not
+ supporting overlapping copies, and on MacOS it actually raised a SIGABRT.
+
Exim version 4.91
-----------------
diff --git a/src/src/deliver.c b/src/src/deliver.c
index 6c6e6f7..4624719 100644
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -5586,7 +5586,8 @@ message size. This use of strcpy() is OK because the length id is checked when
it is obtained from a command line (the -M or -q options), and otherwise it is
known to be a valid message id. */
-Ustrcpy(message_id, id);
+if (id != message_id)
+ Ustrcpy(message_id, id);
f.deliver_force = forced;
return_count = 0;
message_size = 0;
