Do not overrun plugin string when copying it. Prevents sporadic

segmentation fault in fetchmail. Fix reported to upstream. OK jca@
2017-08-11 04:18:19 +00:00 · 2017-08-11 04:18:19 +00:00 · ea73c9a359
commit ea73c9a359
parent e3ff22e170
2 changed files with 18 additions and 6 deletions
--- a/mail/fetchmail/Makefile
+++ b/mail/fetchmail/Makefile
@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.148 2015/11/02 11:56:54 espie Exp $
+# $OpenBSD: Makefile,v 1.149 2017/08/11 04:18:19 bluhm Exp $

 COMMENT=	mail retrieval utility for POP2, POP3, KPOP, IMAP and more

 DISTNAME=	fetchmail-6.3.26
 CATEGORIES=	mail
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=fetchmail/}
-REVISION=	0
+REVISION=	1

 HOMEPAGE=	http://www.fetchmail.info/

--- a/mail/fetchmail/patches/patch-socket_c
+++ b/mail/fetchmail/patches/patch-socket_c
@ -1,11 +1,23 @@
-$OpenBSD: patch-socket_c,v 1.9 2015/08/25 17:44:09 jca Exp $
+$OpenBSD: patch-socket_c,v 1.10 2017/08/11 04:18:19 bluhm Exp $
+
+Reported upstream
+  https://gitlab.com/fetchmail/fetchmail/merge_requests/5

 Fixed upstream
-
  https://gitlab.com/fetchmail/fetchmail/commit/a2ae6f8d15d7caf815d7bdd13df833fd1b2af5cc

--- socket.c.orig	Fri Jul 17 22:01:09 2015
-+++ socket.c	Fri Jul 17 22:19:47 2015
+Index: socket.c
+--- socket.c.orig
+++ socket.c
+@@ -111,7 +111,7 @@ static char *const *parse_plugin(const char *plugin, c
+ 		return NULL;
+ 	}
+ 
+-	while (plugin_copy_offset < plugin_copy_len)
+	while (plugin_offset < plugin_len && plugin_copy_offset < plugin_copy_len)
+ 	{	if ((plugin[plugin_offset] == '%') && (plugin[plugin_offset + 1] == 'h'))
+ 		{	strcpy(plugin_copy + plugin_copy_offset, host);
+ 			plugin_offset += 2;
@@ -914,7 +914,12 @@ int SSLOpen(int sock, char *mycert, char *mykey, const
 			return -1;
 #endif