From e967596d91f79a6f34374fe4ee747a55792b5ffc Mon Sep 17 00:00:00 2001 From: Eduardo Chappa Date: Wed, 5 Aug 2020 03:09:17 -0600 Subject: * When Alpine opens a folder in a server whose address is given numerically it might crash due to an incorrect freeing of memory. Reported by Wang Kang. --- imap/src/osdep/nt/tcp_nt.c | 2 +- imap/src/osdep/unix/tcp_unix.c | 2 +- pith/pine.hlp | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/imap/src/osdep/nt/tcp_nt.c b/imap/src/osdep/nt/tcp_nt.c index 3a836b12..2c17d6b7 100644 --- a/imap/src/osdep/nt/tcp_nt.c +++ b/imap/src/osdep/nt/tcp_nt.c @@ -856,7 +856,7 @@ char *tcp_canonical (char *name) char *ret,host[MAILTMPLEN]; blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL); /* look like domain literal? */ - if (name[0] == '[' && name[strlen (name) - 1] == ']') return name; + if (name[0] == '[' && name[strlen (name) - 1] == ']') return cpystr(name); (*bn) (BLOCK_DNSLOOKUP,NIL); if (tcpdebug) { sprintf (host,"DNS canonicalization %.80s",name); diff --git a/imap/src/osdep/unix/tcp_unix.c b/imap/src/osdep/unix/tcp_unix.c index bc5fe33a..aaa24675 100644 --- a/imap/src/osdep/unix/tcp_unix.c +++ b/imap/src/osdep/unix/tcp_unix.c @@ -965,7 +965,7 @@ char *tcp_canonical (char *name) blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL); void *data; /* look like domain literal? */ - if (name[0] == '[' && name[strlen (name) - 1] == ']') return name; + if (name[0] == '[' && name[strlen (name) - 1] == ']') return cpystr(name); (*bn) (BLOCK_DNSLOOKUP,NIL); /* quell alarms */ data = (*bn) (BLOCK_SENSITIVE,NIL); if (tcpdebug) { diff --git a/pith/pine.hlp b/pith/pine.hlp index e215ec9b..9177d488 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 498 2020-07-28 20:52:25 +Alpine Commit 499 2020-08-05 03:09:13 ============= h_news ================= @@ -258,6 +258,9 @@ Bugs addressed:
  • When Alpine starts a PREAUTH connection, it might still ask the user to login. Reported by Frank Tobin. +
  • When Alpine opens a folder in a server whose address is given numerically + it might crash due to an incorrect freeing of memory. Reported by Wang Kang. +
  • Invalid signatures created by Alpine, when built with recent releases of the Openssl-1.1.1 series (but not in the Openssl-1.0.1 series). Fix contributed by Bernd Edlinger. -- cgit v1.2.3-54-g00ecf