bin/61019: [PATCH] wrong tokenization of unstructured data

Oleg Bulyzhin oleg at rinet.ru
Wed Jan 7 07:30:43 PST 2004


>Number:         61019
>Category:       bin
>Synopsis:       [PATCH] wrong tokenization of unstructured data
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan 07 07:30:21 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Oleg Bulyzhin
>Release:        FreeBSD 4.9-RELEASE-p1 i386
>Organization:
Cronyx Plus LLC
>Environment:
System: FreeBSD lath.rinet.ru 4.9-RELEASE-p1 FreeBSD 4.9-RELEASE-p1 #1: Thu Dec 11 14:25:00 MSK 2003 root at lath.rinet.ru:/lh/obj/lh/src/sys/lath i386

	All sendmail versions are affected (8.12.* 8.11.* 8.9.*)
	
>Description:
	Sendmail uses the prescan() function for data tokenization. This function
	uses some implicit checks and conversions (like checks for unbalanced
	braces, angle braces etc).
	When prescan() is used for 'unstructured' data tokenization (mail headers
	for example) the global variable SuprErrs is set to 'true' and all those error
	messages are just skipped but 'syntax enforcing' still works (unbalanced
	'>' stripping for example).

	Due to this prescan() behaviour certain symbols are 'invisible' to
	sendmail. This can lead to wrong mail filtering (and maybe other
	ugly things).

	
>How-To-Repeat:
	Add the following to sendmail.cf:

	Ksyslog syslog
	HSubject: $>+log_subject
	Slog_subject
	R$*		$: $(syslog "Subject: " $1 $)

	restart sendmail 
	do the following:

	root at lath# echo | mail -s '-->bug<--' postmaster at localhost
	root at lath# grep "Subject:" /var/log/maillog
	Jan  7 17:59:19 lath sm-mta[23337]: i07ExJ3O023337: Subject: --bug<-->
	root at lath#

	Subject '-->bug<--' was converted to '--bug<-->':
	'>' symbol was unbalanced and prescan() stripped it. Then prescan()
	found unbalanced '<' and added extra '>' symbol.

	
>Fix:
	Well, to my mind there is a design flaw: there should be 2 different
	functions: one for tokenization only and the other for syntax checks.
	Though my sendmail knowledge is not deep enough - maybe I'm wrong.

	Anyway here is a little (without altering whole sendmail sources) patch
	for sendmail 8.12.9p2:

--- parseaddr.c.orig	Thu Sep 25 08:53:37 2003
+++ parseaddr.c	Wed Dec 31 17:49:47 2003
@@ -721,6 +721,8 @@
 			c = (*p++) & 0x00ff;
 			if (c == '\0')
 			{
+				if (SuprErrs) break;
+
 				/* diagnose and patch up bad syntax */
 				if (state == QST)
 				{
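Review bot: the early `if (SuprErrs) break;` at the top of the `c == '\0'` branch makes tokenization behaviour depend on a global whose job, per the report, is to suppress error messages. If any caller sets SuprErrs for another reason, it would silently lose the end-of-input patch-up as well (the `state == QST` case just below and whatever follows it). An explicit "tokenize only" argument to prescan() would keep the two concerns apart; failing that, add a comment here saying why suppressed errors imply no repair. Style: the surrounding code puts the statement on its own line after the `if`.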
@@ -748,7 +750,7 @@
 					break;
 
 				/* special case for better error management */
-				if (delim == ',' && !route_syntax)
+				if (delim == ',' && !route_syntax && !SuprErrs)
 				{
 					usrerr("553 Unbalanced '<'");
 					c = '>';
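Review bot: adding `!SuprErrs` to the `delim == ','` condition skips the whole block, not only the `usrerr()` call, so `c = '>'` is no longer injected when errors are suppressed. The visible context does not show what the scan then does with the delimiter, so please add a comment describing the intended result in the suppressed case and confirm the token boundary is still what callers expect.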
@@ -824,7 +826,7 @@
 				if (anglecnt <= 0)
 				{
 					usrerr("553 Unbalanced '>'");
-					c = NOCHAR;
+					if (!SuprErrs) c = NOCHAR;
 				}
 				else
 					anglecnt--;
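Review bot: in the `anglecnt <= 0` branch the guard is put on `c = NOCHAR` only, while `usrerr("553 Unbalanced '>'")` stays unconditional; the previous hunk guards the entire block including its `usrerr()`. Use one form in both places. Since a stray '>' is now kept as an ordinary character when SuprErrs is set, a one-line comment saying so would help, and the assignment should go on its own line to match the surrounding style.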


	


>Release-Note:
>Audit-Trail:
>Unformatted:
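
The rewrite shown under How-To-Repeat can be reproduced with a reduced model of the angle-bracket bookkeeping. This is an added example, not sendmail code and not part of the original report: `balance_angles`, `seen_as` and the `tokenize_only` flag are hypothetical names, and the model covers only the two repairs the report describes. It shows why a header ruleset can match on text that differs from what was sent.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: a reduced model of the angle-bracket handling described in
 * the report, not sendmail's prescan(). tokenize_only is hypothetical. */
static size_t balance_angles(const char *in, char *out, size_t outsz,
			     int tokenize_only)
{
	int anglecnt = 0;
	size_t n = 0;

	if (outsz == 0)
		return 0;
	for (; *in != '\0' && n + 1 < outsz; in++)
	{
		if (*in == '<')
			anglecnt++;
		else if (*in == '>')
		{
			if (anglecnt > 0)
				anglecnt--;
			else if (!tokenize_only)
				continue;	/* unbalanced '>' is dropped */
		}
		out[n++] = *in;
	}
	/* end of input: one '>' is added for every '<' still open */
	while (!tokenize_only && anglecnt-- > 0 && n + 1 < outsz)
		out[n++] = '>';
	out[n] = '\0';
	return n;
}

/* Returns 1 when the text a ruleset would see equals expect. */
static int seen_as(const char *in, const char *expect, int tokenize_only)
{
	char buf[256];

	balance_angles(in, buf, sizeof(buf), tokenize_only);
	return strcmp(buf, expect) == 0;
}

int main(void)
{
	/* constructed inputs; the first is the Subject from the report */
	printf("%d\n", seen_as("-->bug<--", "--bug<-->", 0));
	printf("%d\n", seen_as("-->bug<--", "-->bug<--", 1));
	printf("%d\n", seen_as("<a> x >", "<a> x ", 0));
	return 0;
}
```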

