gentoo-overlay/mail-filter/opendmarc/files/opendmarc-1.4.1.1-CVE-2021-34555.patch

From afa44abe68afe5ce29b6418538a60a642f39e459 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20B=C3=BCrgin?= <dbuergin@gluet.ch>
Date: Thu, 3 Jun 2021 21:59:55 +0200
Subject: [PATCH 1/3] Fix multi-value From handling logic

Fixes #175
---
 opendmarc/opendmarc.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c
index 65f6b49..bc38103 100644
--- a/opendmarc/opendmarc.c
+++ b/opendmarc/opendmarc.c
@@ -2479,12 +2479,12 @@ mlfi_eom(SMFICTX *ctx)
 				syslog(LOG_ERR,
 				       "%s: multi-valued From field detected",
 				       dfc->mctx_jobid);
-			}
 
-			if (conf->conf_reject_multi_from)
-				return SMFIS_REJECT;
-			else
-				return SMFIS_ACCEPT;
+				if (conf->conf_reject_multi_from)
+					return SMFIS_REJECT;
+				else
+					return SMFIS_ACCEPT;
+			}
 		}
 
 		user = users[0];

From 4ea4b219c6c93dbfd512b1caa433f5a810fdb436 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20B=C3=BCrgin?= <dbuergin@gluet.ch>
Date: Thu, 3 Jun 2021 22:01:34 +0200
Subject: [PATCH 2/3] Guard syslog call with conf_dolog flag

---
 opendmarc/opendmarc.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c
index bc38103..fb3d4b9 100644
--- a/opendmarc/opendmarc.c
+++ b/opendmarc/opendmarc.c
@@ -2476,9 +2476,12 @@ mlfi_eom(SMFICTX *ctx)
 		{
 			if (strcasecmp(domains[0], domains[c]) != 0)
 			{
-				syslog(LOG_ERR,
-				       "%s: multi-valued From field detected",
-				       dfc->mctx_jobid);
+				if (conf->conf_dolog)
+				{
+					syslog(LOG_ERR,
+					       "%s: multi-valued From field detected",
+					       dfc->mctx_jobid);
+				}
 
 				if (conf->conf_reject_multi_from)
 					return SMFIS_REJECT;

From 1245589ad44baadb3eb18ce110932da8c6fe286c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20B=C3=BCrgin?= <dbuergin@gluet.ch>
Date: Wed, 9 Jun 2021 19:18:21 +0200
Subject: [PATCH 3/3] Skip null domains when checking multi-value From header

---
 opendmarc/opendmarc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c
index fb3d4b9..ffcbc3f 100644
--- a/opendmarc/opendmarc.c
+++ b/opendmarc/opendmarc.c
@@ -2474,7 +2474,9 @@ mlfi_eom(SMFICTX *ctx)
 
 		for (c = 1; users[c] != NULL; c++)
 		{
-			if (strcasecmp(domains[0], domains[c]) != 0)
+			if (domains[0] != NULL
+			    && domains[c] != NULL
+			    && strcasecmp(domains[0], domains[c]) != 0)
 			{
 				if (conf->conf_dolog)
 				{