mail/exim and printf("%n")

Thu, 02 Sep 2021 13:16:22 -0700 


exim apparently uses printf("%n"), which is currently forbidden (libc
calls abort(3)).

I don't want us to fix all the %n uses in the ports tree, but instead
wait for user reports.  Though for some software like exim it makes
sense to help users avoid such a hard crash.

The diff below doesn't pretend to fix all uses of %n in the exim source.
There may be others that can't be flagged by the compiler (support for
that hesn't been committed yet) because of indirections through wrapper
functions.

ok?


Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/exim/Makefile,v
retrieving revision 1.136
diff -u -p -r1.136 Makefile
--- Makefile    5 May 2021 15:08:15 -0000       1.136
+++ Makefile    2 Sep 2021 20:12:05 -0000
@@ -8,7 +8,7 @@ DISTNAME =              exim-${VERSION}
 PKGNAME-main =         exim-${VERSION}
 FULLPKGNAME-eximon =   exim-eximon-${VERSION}
 FULLPKGPATH-eximon =   ${PKGPATH},-eximon
-REVISION-main =                1
+REVISION-main =                2
 
 CATEGORIES =           mail
 
Index: patches/patch-src_acl_c
===================================================================
RCS file: patches/patch-src_acl_c
diff -N patches/patch-src_acl_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_acl_c     2 Sep 2021 20:12:05 -0000
@@ -0,0 +1,23 @@
+$OpenBSD$
+
+Don't use printf %n.
+
+Index: src/acl.c
+--- src/acl.c.orig
++++ src/acl.c
+@@ -2906,10 +2906,12 @@ for (; cb; cb = cb->next)
+ 
+   HDEBUG(D_acl)
+     {
+-    int lhswidth = 0;
+-    debug_printf_indent("check %s%s %n",
++    uschar buf[256];
++    int lhswidth = snprintf(CS buf, sizeof buf, "check %s%s ",
+       (!conditions[cb->type].is_modifier && cb->u.negated)? "!":"",
+-      conditions[cb->type].name, &lhswidth);
++      conditions[cb->type].name);
++    if (lhswidth == -1) lhswidth = 0;
++    debug_printf_indent("%s");
+ 
+     if (cb->type == ACLC_SET)
+       {
Index: patches/patch-src_transport_c
===================================================================
RCS file: patches/patch-src_transport_c
diff -N patches/patch-src_transport_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_transport_c       2 Sep 2021 20:12:05 -0000
@@ -0,0 +1,20 @@
+$OpenBSD$
+
+Don't use printf %n.
+
+Index: src/transport.c
+--- src/transport.c.orig
++++ src/transport.c
+@@ -958,10 +958,9 @@ if (!(tctx->options & topt_no_headers))
+ 
+   if (tctx->options & topt_add_return_path)
+     {
+-    int n;
+     uschar * s = string_sprintf("Return-path: <%.*s>\n%n",
+-                          EXIM_EMAILADDR_MAX, return_path, &n);
+-    if (!write_chunk(tctx, s, n)) goto bad;
++                          EXIM_EMAILADDR_MAX, return_path);
++    if (!write_chunk(tctx, s, strlen(s))) goto bad;
+     }
+ 
+   /* Add envelope-to: if requested */


-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Reply via email to