ssmtp garbles big BCC header lines
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| sSMTP |
New
|
Undecided
|
Unassigned | ||
Bug Description
affects ssmtp
Version: 2.64
Using ssmtp fpr sending a great amount of receipients using the Bcc:
line leads to garbled mail addresses. In detail it suppresses each
character on a position matching an even multiple of 4096.
Example:
-------
$ /ssmtp-original -t -i -<email address hidden> <<EOF
To: undisclosed-
Subject: Big BCC Test
From: NoReply <email address hidden>
Bcc: <email address hidden>, <email address hidden>, ... [continued to more than 4096
characters]
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-
Hello together!
This Mail should go to a bunch of receipients which should not appear
and are placed in a Bcc: line which exceeds 4096 Bytes.
EOF
-------
The error appears during parsing the header lines when ssmtp separates
the addresses placed in the BCC line. This happens in function
header_parse (line 755) when a additional buffer is being added to the p
string pointer. The pointer q which sets the place for the next
character is placed to the wrong position then. For this the last
written character is being overwritten.
My suggestion to prevent this, is to apply this patch:
-------
--- ssmtp.c-defective 2017-11-30 10:52:15.378757000 +0100
+++ ssmtp.c 2017-11-30 07:45:05.549678000 +0100
@@ -770,7 +770,11 @@
if(p == (char *)NULL) {
die(
}
- q = (p + len);
+ if(len > 0) {
+ q = (p + len+1);
+ } else {
+ q = (p + len);
+ }
}
len++;
-------
I am using Ubuntu 16.04.2 LTS x86_64, kernel 4.4.0-101-generic
and libc6 2.23-0ubuntu9
Best Regards
Burkhard
--
Dipl.-Ing. (FH) Burkhard Obergöker
Telefon +49 5261 702 -5073
Telefax +49 5261 702 -85073
Hochschule Ostwestfalen-Lippe
S(kim) Service|
Liebigstraße 87
32657 Lemgo
www.hs-owl.de/skim
<email address hidden>
--
-------
Burkhard Obergöker Flurstr. 3
Dipl. Ing. (FH) 32758 Detmold
Tel.: 05231/21236 <email address hidden>
