JH/28 Fix parsing of MIME headers for parameters with quoted semicolons.
+TL/15 SECURITY: prevent double expansion in math comparison functions
+ (can expand unsanitized data). Not remotely exploitable.
+ CVE-2014-2972
+
Exim version 4.82
-----------------
ten-1.test.ex
10.0.0.2
+trick: ${substr_2_2:65535}
5>3m: ${if >{5 } {3m }{y}{n}}
5>3z: ${if >{5 } {3z }{y}{n}}
5>a: ${if >{ 5 } {a}{y}{n}}
+5>bad: ${if >{5 } {${lookup{trick}lsearch{DIR/aux-fixed/0002.lsearch}}} {y}{n}}
>0: ${if > {}{0}{y}{n}}
=: ${if = {}{}{y}{n}}
> 5>3m: n
> Failed: invalid integer "3z "
> Failed: integer expected but "a" found
+> Failed: integer expected but "${substr_2_2:65535}" found
>
> >0: n
> =: y
projects / exim.git / commitdiff