Fix CVE-2009-2408 (fedora #571817).HEAD master

author: Pawel Salek <pawsa@fedorapeople.org> 2010-03-09 22:17:08 +0100
committer: Pawel Salek <pawsa@fedorapeople.org> 2010-03-09 22:17:08 +0100
commit: eb75d5fd04b57eb74c3804e3241841b0dc7d289a (patch)
tree: 07ba949d704c44f1995b8529aba94df375459648
parent: 0cc409a44cac5ac29d0bd18fa13a4e9f2b2f2b96 (diff)
download: libesmtp-master.tar.gz
libesmtp-master.tar.xz
libesmtp-master.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/smtp-tls.c b/smtp-tls.c
index f51cfad..b5627ce 100644
--- a/smtp-tls.c
+++ b/smtp-tls.c
@@ -441,16 +441,24 @@ static int
 match_component (const char *dom, const char *edom,
                  const char *ref, const char *eref)
 {
+  int wildcard = 0;
+
   while (dom < edom && ref < eref)
     {
       /* Accept a final '*' in the reference as a wildcard */
       if (*ref == '*' && ref + 1 == eref)
-        break;
+       {
+         wildcard = 1;
+         break;
+       }
       /* compare the domain name case insensitive */
       if (!(*dom == *ref || tolower (*dom) == tolower (*ref)))
         return 0;
       ref++, dom++;
     }
+  if (!wildcard && (dom < edom || ref < eref))
+    return 0;
+
   return 1;
 }
author	Pawel Salek <pawsa@fedorapeople.org>	2010-03-09 22:17:08 +0100
committer	Pawel Salek <pawsa@fedorapeople.org>	2010-03-09 22:17:08 +0100
commit	eb75d5fd04b57eb74c3804e3241841b0dc7d289a (patch)
tree	07ba949d704c44f1995b8529aba94df375459648
parent	0cc409a44cac5ac29d0bd18fa13a4e9f2b2f2b96 (diff)
download	libesmtp-master.tar.gz libesmtp-master.tar.xz libesmtp-master.zip