From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Tue, 24 Apr 2018 12:07:53 +0000 (+0100)
Subject: ARC: limit verify chain to 50-deep
X-Git-Tag: exim-4.92-RC1~197
X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=ef262e3170d26e4203fbf259180a34b1c0228a32

ARC: limit verify chain to 50-deep
---

diff --git a/src/src/arc.c b/src/src/arc.c
index ddf73959c..53d06de67 100644
--- a/src/src/arc.c
+++ b/src/src/arc.c
@@ -382,7 +382,7 @@ static uschar *
 arc_insert_hdr(arc_ctx * ctx, header_line * h, unsigned off, unsigned hoff,
   BOOL instance_only)
 {
-int i;
+unsigned i;
 arc_set * as;
 arc_line * al = store_get(sizeof(arc_line)), ** alp;
 uschar * e;
@@ -395,6 +395,7 @@ if ((e = arc_parse_line(al, h, off, instance_only)))
   return US"line parse";
   }
 if (!(i = arc_instance_from_hdr(al)))	return US"instance find";
+if (i > 50)				return US"overlarge instance number";
 if (!(as = arc_find_set(ctx, i)))	return US"set find";
 if (*(alp = (arc_line **)(US as + hoff))) return US"dup hdr";