sendmail-hprescan-dos.patch

   1 diff -urNp -x '*.orig' sendmail-8.16.1.org/sendmail/collect.c sendmail-8.16.1/sendmail/collect.c
   2 --- sendmail-8.16.1.org/sendmail/collect.c      2020-05-19 21:54:33.000000000 +0200
   3 +++ sendmail-8.16.1/sendmail/collect.c  2021-10-03 22:30:58.038924399 +0200
   4 @@ -15,6 +15,8 @@
   5
   6  #include <sm/sendmail.h>
   7
   8 +#define MAXHDRZ 512
   9 +
  10  static void    eatfrom __P((char *volatile, ENVELOPE *));
  11  static void    collect_doheader __P((ENVELOPE *));
  12  static SM_FILE_T *collect_dfopen __P((ENVELOPE *));
  13 @@ -283,6 +285,7 @@ collect(fp, smtpmode, hdrp, e, rsetsize)
  14         register ENVELOPE *e;
  15         bool rsetsize;
  16  {
  17 +       int hdrz = 0;
  18         register SM_FILE_T *df;
  19         bool ignrdot;
  20         int dbto;
  21 @@ -612,6 +615,16 @@ nextstate:
  22                                 mstate = MS_BODY;
  23                                 goto nextstate;
  24                         }
  25 +
  26 +            if (hdrz++>MAXHDRZ)
  27 +                        {
  28 +                                sm_syslog(LOG_NOTICE, e->e_id,
  29 +                                "excessive headers from %s during message collect",
  30 +                                CurHostName ? CurHostName : "<local machine>");
  31 +                                errno = 0;
  32 +                                usrerr("451 Stop this. You are lame.");
  33 +                                goto readerr;
  34 +                        }
  35
  36                         /* check for possible continuation line */
  37                         do