From eb75d5fd04b57eb74c3804e3241841b0dc7d289a Mon Sep 17 00:00:00 2001
From: Pawel Salek
Date: Tue, 9 Mar 2010 22:17:08 +0100
Subject: Fix CVE-2009-2408 (fedora #571817).
---
 smtp-tls.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/smtp-tls.c b/smtp-tls.c
index f51cfad..b5627ce 100644
--- a/smtp-tls.c
+++ b/smtp-tls.c
@@ -441,16 +441,24 @@ static int match_component (const char *dom, const char *edom, const char *ref, const char *eref) {
+ int wildcard = 0;
+
 while (dom < edom && ref < eref) { /* Accept a final '*' in the reference as a wildcard */ if (*ref == '*' && ref + 1 == eref)
- break;
+ {
+ wildcard = 1;
+ break;
+ }
 /* compare the domain name case insensitive */ if (!(*dom == *ref || tolower (*dom) == tolower (*ref))) return 0; ref++, dom++; }
+ if (!wildcard && (dom < edom || ref < eref))
+ return 0;
+
 return 1; }
-- cgit
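Review bot: The case-insensitive comparison inside the loop still passes plain `char` values to `tolower()`, which is undefined for bytes above 0x7f where `char` is signed and also depends on the current locale; the bytes being compared presumably come from a peer certificate, so they should be treated as untrusted. Cast before the call, e.g. `if (!(*dom == *ref || tolower ((unsigned char) *dom) == tolower ((unsigned char) *ref)))`. The new `if (!wildcard && (dom < edom || ref < eref))` check closes the prefix match, but a final `*` still accepts any remainder of the component. Whether wildcards are limited to the leftmost label, and whether `edom`/`eref` are derived from the certificate's encoded length rather than a NUL-terminated scan, has to be confirmed in the caller, which is outside this hunk. A one-line comment above the new check, such as `/* without a wildcard both components must be fully consumed */`, would record why it exists.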