[exim-dev] [Bug 2696] New: Buffer overflow in iplsearch

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 2696] Buffer overflow in iplsearch
Subject: [exim-dev] [Bug 2696] New: Buffer overflow in iplsearch
https://bugs.exim.org/show_bug.cgi?id=2696

            Bug ID: 2696
           Summary: Buffer overflow in iplsearch
           Product: Exim
           Version: 4.92
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: security
          Priority: medium
         Component: ACLs
          Assignee: jgh146exb@???
          Reporter: atodyl@???
                CC: exim-dev@???


I have a large number of entries in /var/cache/cluster_ips - around 2000 lines
including both IPv4 and IPv6 entries. Example entries in
/var/cache/cluster_ips:
===
192.168.100.1:true
"fe80::b6b5:2fff:fe52:cfb4":true
===

While checking the mainlog I see strange values for `PRX=`, showing random
parts of the list of IP addresses from /var/cache/cluster_ips. The IPs show
split by semicolons.

I use the list in this condition:
===
  warn
    condition = ${if exists {/var/cache/cluster_ips}}
    condition = ${if
eq{${lookup{$sender_host_address}iplsearch{/var/cache/cluster_ips}}}{true}}
    set acl_c_in_cluster = true
===


--
You are receiving this mail because:
You are on the CC list for the bug.