From owner-svn-src-all@FreeBSD.ORG Tue Aug 5 01:32:10 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4ABC0E94 for ; Tue, 5 Aug 2014 01:32:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2175C2766 for ; Tue, 5 Aug 2014 01:32:10 +0000 (UTC) Received: from peter (uid 633) (envelope-from peter@FreeBSD.org) id 5452 by svn.freebsd.org (DragonFly Mail Agent v0.9+); Tue, 05 Aug 2014 01:32:10 +0000 From: Peter Wemm Date: Tue, 5 Aug 2014 01:32:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r269550 - head/usr.sbin/cron/cron X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-Id: <53e0341a.5452.17e6e933@svn.freebsd.org> X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Aug 2014 01:32:10 -0000 Author: peter Date: Tue Aug 5 01:32:09 2014 New Revision: 269550 URL: http://svnweb.freebsd.org/changeset/base/269550 Log: Check gethostname(2) return code - but even if it succeeds it may not null terminate. Temporarily use "From: $user@$hostname" rather than "From: $user". The latter exposes incompatible behavior if using dma(8). sendmail(8) (and other alternatives) canonify either form on submission (even if masquerading), but dma will leak a non-compliant address to the internet. Modified: head/usr.sbin/cron/cron/do_command.c Modified: head/usr.sbin/cron/cron/do_command.c ============================================================================== --- head/usr.sbin/cron/cron/do_command.c Tue Aug 5 01:29:02 2014 (r269549) +++ head/usr.sbin/cron/cron/do_command.c Tue Aug 5 01:32:09 2014 (r269550) @@ -481,14 +481,17 @@ child_process(e, u) auto char mailcmd[MAX_COMMAND]; auto char hostname[MAXHOSTNAMELEN]; - (void) gethostname(hostname, MAXHOSTNAMELEN); + if (gethostname(hostname, MAXHOSTNAMELEN) == -1) + hostname[0] = '\0'; + hostname[sizeof(hostname) - 1] = '\0'; (void) snprintf(mailcmd, sizeof(mailcmd), MAILARGS, MAILCMD); if (!(mail = cron_popen(mailcmd, "w", e))) { warn("%s", MAILCMD); (void) _exit(ERROR_EXIT); } - fprintf(mail, "From: %s (Cron Daemon)\n", usernm); + fprintf(mail, "From: Cron Daemon <%s@%s>\n", + usernm, hostname); fprintf(mail, "To: %s\n", mailto); fprintf(mail, "Subject: Cron <%s@%s> %s\n", usernm, first_word(hostname, "."),