Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 15 Apr 2024 15:43:05 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 253759] sendmail does not quote GECOS information for From header
Message-ID:  <bug-253759-227-JG5QCMRCjO@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-253759-227@https.bugs.freebsd.org/bugzilla/>
References:  <bug-253759-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253759

Michael Osipov <michaelo@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |michaelo@FreeBSD.org

--- Comment #1 from Michael Osipov <michaelo@FreeBSD.org> ---
So the bug is truly in sendmail:
https://github.com/freebsd/freebsd-src/blob/303dea74c2cb3a41fba455fce857799=
3e637c3da/contrib/sendmail/src/srvrsmtp.c#L5470-L5481

The fullname/GECOS is neither basically quoted nor escaped.

In old ssmtp it is at least quoted:
https://salsa.debian.org/debian/ssmtp/-/blob/master/ssmtp.c?ref_type=3Dhead=
s#L463-473
In postfix it is handled perfectly:
https://github.com/vdukhovni/postfix/blob/a6993c3a48ebc3ac6cefd9913dab4b8c2=
3b66ab8/postfix/src/smtp/smtp_proto.c#L1436-L1438,
it does even escape double quotes in full names.

sendmail has this idiom:
 863         if (!rfc822_string(p))
 864         {
 865             /*
 866             **  Quote a full name with special characters
 867             **  as a comment so crackaddr() doesn't destroy
 868             **  the name portion of the address.
 869             */
 870
 871             p =3D addquotes(p, e->e_rpool);
 872         }

from ./src/util.c

These spots needs to be analyzed:
osipovmi@deblndw011x:~/var/Projekte/freebsd/src/contrib/sendmail (main =3D)
$ grep -r q_fullname .
./src/alias.c:  a->q_fullname =3D NULL;
./src/parseaddr.c:                                   a->q_fullname =3D=3D N=
ULL ?
"(none)" : a->q_fullname);
./src/recipient.c:                              if (a->q_fullname =3D=3D NU=
LL)
./src/recipient.c:                                      a->q_fullname =3D
ctladdr->q_fullname;
./src/recipient.c:                              new->q_fullname =3D
sm_rpool_strdup_x(e->e_rpool,
./src/sendmail.h:       char            *q_fullname;    /* full name if kno=
wn
*/
./src/srvrsmtp.c:       if (a->q_fullname =3D=3D NULL)
./src/srvrsmtp.c:               message(fmtbuf, a->q_fullname, a->q_user,
MyHostName);

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-253759-227-JG5QCMRCjO>