Mailing List Archive

[Bug 2696] Buffer overflow in iplsearch
https://bugs.exim.org/show_bug.cgi?id=2696

--- Comment #1 from Lucian A <atodyl@gmail.com> ---
Example values for PRX in the mainlog:
===
PRX=f^A
PRX=F0=E5=FD=E8=F5=ED=EF=F2
PRX=I
PRX=@^^^X?U
PRX=`^_^^?U
PRX=^P?U
PRX=match
PRX=Pef?U
PRX=PF6?U
PRX=pG9?U
PRX=Ph??U
PRX=pi
PRX=p^\^V?U
PRX=@P!?U
PRX=Pn1?U
PRX=p]^D?U
PRX=^PP^F?U
PRX=P^]^V?U
PRX=P?U
PRX=PU^C?U
PRX=P?U
PRX=Px]?U
PRX=sently
PRX=ssion_services"
PRX=true
PRX=@^\^M?U
PRX=@&"?U
PRX=`#^V?U
PRX=`^AU?U
PRX=V-000m1p-Bz-D
PRX=wMCBuIAowMDAwMDcwODA0IDAwMDAwIG4gCjAwMDAwNzExNDEgMDAwMDAgbiAKMDAw
PRX=`?U
PRX=^P?U
PRX=`?U
PRX=?^\?U
===

--
You are receiving this mail because:
You are on the CC list for the bug.

--- Comment #2 from Lucian A <atodyl@gmail.com> ---
Complete mainlog entry with random PRX value:
===
2021-02-12 18:02:54 [269195] 1lAbqD-00181r-If <= user@domain.tld
H=(some.host.tld) [192.168.168.168] I=[192.168.1.1]:587 P=esmtps
X=TLSv1.2:AES128-GCM-SHA256:128 CV=no PRX=D-00181r-If-D S=11223
id=cadb8202-3582-4797-8416-9ee56bb3e6cc@blahblah.local
2021-02-12 18:02:57 [270853] 1lAbqD-00181r-If => user2@someotherdomain.tld
R=dnslookup_socks T=remote_smtp_batv_socks H=mx1.somehost.tld [192.168.192.192]
PRX=[1.2.3.4] I=[2.3.4.5] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=yes C="250
2.0.0 Ok: queued as ..."
2021-02-12 18:02:57 [270853] 1lAbqD-00181r-If Completed
===

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
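A triage check for the symptom shown in comments #1 and #2, as an added example that is not part of the thread or of Exim: it scans mainlog text and reports every PRX= field that is not a bracketed IP literal. The well-formed shape is an assumption taken from the `PRX=[1.2.3.4]` delivery line in comment #2; the sample lines are constructed and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample lines modelled on the mainlog entry in comment #2
# (unwrapped to one line each; hosts and addresses are placeholders).
SAMPLE_LOG = """\
2021-02-12 18:02:54 [269195] 1lAbqD-00181r-If <= user@domain.tld H=(some.host.tld) [192.168.168.168] I=[192.168.1.1]:587 P=esmtps CV=no PRX=D-00181r-If-D S=11223
2021-02-12 18:02:57 [270853] 1lAbqD-00181r-If => user2@someotherdomain.tld R=dnslookup_socks H=mx1.somehost.tld [192.168.192.192] PRX=[1.2.3.4] I=[2.3.4.5] CV=yes
2021-02-12 18:03:10 [270901] 1lAbqE-00181s-Aa <= other@domain.tld H=(some.host.tld) [192.168.168.168] P=esmtps PRX=true S=2048
2021-02-12 18:03:11 [270901] 1lAbqE-00181s-Aa Completed
"""

# A PRX field starts at a token boundary and runs to the next whitespace.
PRX_FIELD = re.compile(r"(?<!\S)PRX=(\S*)")
# Message id in the 6-6-2 shape seen in comment #2.
MSG_ID = re.compile(r"\b[0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}\b")

def is_valid_prx(value):
    """True only for a bracketed IPv4/IPv6 literal (assumed well-formed shape)."""
    m = re.fullmatch(r"\[([^\]]+)\]", value)
    if not m:
        return False
    try:
        ipaddress.ip_address(m.group(1))
    except ValueError:
        return False
    return True

def find_suspect_prx(log_text):
    """Return (line_no, message_id, raw_value) for each malformed PRX field."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        for m in PRX_FIELD.finditer(line):
            if not is_valid_prx(m.group(1)):
                mid = MSG_ID.search(line)  # first id on the line is the message's own
                hits.append((line_no, mid.group(0) if mid else None, m.group(1)))
    return hits

if __name__ == "__main__":
    for line_no, msg_id, value in find_suspect_prx(SAMPLE_LOG):
        # ascii() escapes control bytes so leaked memory cannot reach the terminal raw.
        print(f"line {line_no}: message {msg_id}: suspect PRX={ascii(value)}")
```

When reading a real mainlog, open it with `errors="backslashreplace"` so non-UTF-8 bytes in a corrupted field do not abort the scan.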

Heiko Schlittermann <hs@schlittermann.de> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |hs@schlittermann.de

--- Comment #3 from Heiko Schlittermann <hs@schlittermann.de> ---
Created attachment 1367
--> https://bugs.exim.org/attachment.cgi?id=1367&action=edit
Instructions for a minimal test environment

I was not able to reproduce the reported behaviour, but maybe the OP can.


Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Priority|medium |low

--- Comment #4 from Jeremy Harris <jgh146exb@wizmail.org> ---
It seems that the bug report is for a fork of the Exim project. That being so,
I am not regarding it as a high priority for investigation. If it can be
reproduced on a current release of the main Exim project (or any identified
commit from the main Exim project git repository) that will change.


--- Comment #5 from Heiko Schlittermann <hs@schlittermann.de> ---
Today I made an attempt to compile and reproduce the behaviour with the
exim-4.92+fixed+... version from the SpamExperts repo, but I failed, as they
seem to use an encrypted configuration file.

Maybe there are simple options to work around this (disabling the relevant
parts in the readconf.c), but I'm not sure if this wouldn't "fix" the issue
en-passant.
