Blame SOURCES/dovecot-2.2.36-cve_2019_7524part2of2.patch
|
 |
c9ace8 |
From df17cee615377f2474c86eb6a5b3fe5caa8b70fe Mon Sep 17 00:00:00 2001
|
|
|
c9ace8 |
From: Timo Sirainen <timo.sirainen@open-xchange.com>
|
|
|
c9ace8 |
Date: Mon, 4 Feb 2019 19:25:13 -0800
|
|
|
c9ace8 |
Subject: [PATCH] fts: Fix buffer overflow when reading oversized fts header
|
|
|
c9ace8 |
|
|
|
c9ace8 |
---
|
|
|
c9ace8 |
src/plugins/fts/fts-api.c | 2 +-
|
|
|
c9ace8 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
c9ace8 |
|
|
|
c9ace8 |
diff --git a/src/plugins/fts/fts-api.c b/src/plugins/fts/fts-api.c
|
|
|
c9ace8 |
index 5a5b2a919e..4f8a1c125d 100644
|
|
|
c9ace8 |
--- a/src/plugins/fts/fts-api.c
|
|
|
c9ace8 |
+++ b/src/plugins/fts/fts-api.c
|
|
|
c9ace8 |
@@ -425,7 +425,7 @@ bool fts_index_get_header(struct mailbox *box, struct fts_index_header *hdr_r)
|
|
|
c9ace8 |
i_zero(hdr_r);
|
|
|
c9ace8 |
ret = FALSE;
|
|
|
c9ace8 |
} else {
|
|
|
c9ace8 |
- memcpy(hdr_r, data, data_size);
|
|
|
c9ace8 |
+ memcpy(hdr_r, data, sizeof(*hdr_r));
|
|
|
c9ace8 |
ret = TRUE;
|
|
|
c9ace8 |
}
|
|
|
c9ace8 |
mail_index_view_close(&view);
|