Skip to content

Commit

Permalink
Added integer overflow check for SPF macro segment count.
Browse files Browse the repository at this point in the history
  • Loading branch information
@nathaniel-bennett @martinknafve
nathaniel-bennett authored and martinknafve committed Jan 15, 2022
1 parent a715fb3 commit 186a601
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion hmailserver/source/Server/SMTP/SPF/RMSPF.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
#undef UNICODE

#include <windns.h>
#include <limits.h>
#include <string.h>
#include <stdlib.h>
#include <time.h>
Expand Down Expand Up @@ -2371,7 +2372,9 @@ char** bufp, spfbool fordomain)
// get max number of parts
num = 0;
while (ISDIGIT(*cp))
{
if (num > (INT_MAX - (*cp - '0')) / 10)
return SPF_PermError;

num = num * 10 + *cp - '0';
if (++cp >= s1)
return SPF_PermError;
Expand Down

0 comments on commit 186a601

Please sign in to comment.