@marcwickenden
Created November 9, 2012 14:46
exim 4.80-4.81 diff
diff -ruw exim-4.80/doc/ChangeLog exim-4.80.1/doc/ChangeLog
--- exim-4.80/doc/ChangeLog 2012-05-31 01:40:15.000000000 +0100
+++ exim-4.80.1/doc/ChangeLog 2012-10-25 04:37:38.000000000 +0100
@@ -1,6 +1,14 @@
Change log file for Exim from version 4.21
-------------------------------------------
+Exim version 4.80.1
+-------------------
+
+PP/01 SECURITY: protect DKIM DNS decoding from remote exploit.
+ CVE-2012-5671
+ This, or similar/improved, will also be change PP/11 of 4.81.
+
+
Exim version 4.80
-----------------
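Review bot: The PP/01 entry names CVE-2012-5671 but does not say what was changed, so someone reading only the ChangeLog cannot tell how the fix works or how to backport it. Add a line stating that the DKIM DNS TXT answer is now bounds-checked in src/dkim.c and that PDKIM_DNS_TXT_MAX_RECLEN in src/pdkim/pdkim.h was raised, and reword "This, or similar/improved, will also be change PP/11 of 4.81" once the 4.81 entry exists so the two can be cross-referenced exactly.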
diff -ruw exim-4.80/doc/spec.txt exim-4.80.1/doc/spec.txt
--- exim-4.80/doc/spec.txt 2012-05-31 10:35:23.000000000 +0100
+++ exim-4.80.1/doc/spec.txt 2012-10-25 04:46:58.000000000 +0100
@@ -5,9 +5,9 @@
Copyright (c) 2012 University of Cambridge
+-----------------------------------------------------------------------------+
-+-------------------------------------+--------------------------------+------+
-|Revision 4.80 |17 May 2012 |EM |
-+-------------------------------------+--------------------------------+------+
++----------------------------------------+------------------------------+-----+
+|Revision 4.80.1 |24 Oct 2012 |EM |
++----------------------------------------+------------------------------+-----+
-------------------------------------------------------------------------------
TABLE OF CONTENTS
@@ -653,7 +653,7 @@
1.1 Exim documentation
----------------------
-This edition of the Exim specification applies to version 4.80 of Exim.
+This edition of the Exim specification applies to version 4.80.1 of Exim.
Substantive changes from the 4.75 edition are marked in some renditions of the
document; this paragraph is so marked if the rendition is capable of showing a
change indicator.
@@ -1738,7 +1738,7 @@
Exim is distributed as a gzipped or bzipped tar file which, when unpacked,
creates a directory with the name of the current release (for example,
-exim-4.80) into which the following files are placed:
+exim-4.80.1) into which the following files are placed:
ACKNOWLEDGMENTS contains some acknowledgments
CHANGES contains a reference to where changes are documented
@@ -2348,7 +2348,7 @@
For the utility programs, old versions are renamed by adding the suffix .O to
their names. The Exim binary itself, however, is handled differently. It is
installed under a name that includes the version number and the compile number,
-for example exim-4.80-1. The script then arranges for a symbolic link called
+for example exim-4.80.1-1. The script then arranges for a symbolic link called
exim to point to the binary. If you are updating a previous version of Exim,
the script takes care to ensure that the name exim is never absent from the
directory (as seen by other processes).
diff -ruw exim-4.80/scripts/reversion exim-4.80.1/scripts/reversion
--- exim-4.80/scripts/reversion 2012-05-31 01:40:15.000000000 +0100
+++ exim-4.80.1/scripts/reversion 2012-10-25 04:37:38.000000000 +0100
@@ -32,21 +32,23 @@
# If this tree is a git working directory, use that to get version information.
-if [ -d ../../.git ] || [ "$1" = "release" ]
-then
- # Modify the output of git describe into separate parts for
- # the name "exim" and the release and variant versions.
- # Put a dot in the version number and remove a spurious g.
- set $(git describe --dirty=-XX --match 'exim-4*' |
- sed 's|-| |;s|_|.|;s|[-_]| _|;s|-g|-|')
- # Only update if we need to
- if [ "$2 $3" != "$EXIM_RELEASE_VERSION $EXIM_VARIANT_VERSION" ]
- then
- EXIM_RELEASE_VERSION="$2"
- EXIM_VARIANT_VERSION="$3"
- rm -f version.h
- fi
-fi
+#if [ -d ../../.git ] || [ "$1" = "release" ]
+#then
+# # Modify the output of git describe into separate parts for
+# # the name "exim" and the release and variant versions.
+# # Put a dot in the version number and remove a spurious g.
+# set $(git describe --dirty=-XX --match 'exim-4*' |
+# sed 's|-| |;s|_|.|;s|[-_]| _|;s|-g|-|')
+# # Only update if we need to
+# if [ "$2 $3" != "$EXIM_RELEASE_VERSION $EXIM_VARIANT_VERSION" ]
+# then
+# EXIM_RELEASE_VERSION="$2"
+# EXIM_VARIANT_VERSION="$3"
+# rm -f version.h
+# fi
+#fi
+EXIM_RELEASE_VERSION="4.80.1"
+EXIM_VARIANT_VERSION=""
# If you are maintaining a patched version of Exim, you can either
# create your own version.sh as part of your release process, or you
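Review bot: Commenting out the whole `git describe` block and hard-coding `EXIM_RELEASE_VERSION="4.80.1"` leaves fifteen lines of dead code with no explanation, and any later build from this tree will report 4.80.1 regardless of what is actually checked out. Either delete the block in the release tree or keep it live behind a condition, and add a one-line comment above the two assignments saying why the version is pinned for this security release, so the override is not carried forward by accident.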
diff -ruw exim-4.80/src/dkim.c exim-4.80.1/src/dkim.c
--- exim-4.80/src/dkim.c 2012-05-31 01:40:15.000000000 +0100
+++ exim-4.80.1/src/dkim.c 2012-10-25 04:37:38.000000000 +0100
@@ -42,6 +42,9 @@
"%.*s", (int)len, (char *)((rr->data)+rr_offset));
rr_offset+=len;
answer_offset+=len;
+ if (answer_offset >= PDKIM_DNS_TXT_MAX_RECLEN) {
+ return PDKIM_FAIL;
+ }
}
}
else return PDKIM_FAIL;
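Review bot: The new bounds check sits after the formatted write and after `answer_offset+=len`, so on the iteration that crosses the limit the chunk has already been written by the time `PDKIM_FAIL` is returned. The check does stop the next iteration from starting at an offset past the end of the buffer, but whether the current write stays inside it depends on the size argument of the call above, which is outside the visible context. Deciding before the write would make the guarantee local to this loop, for example `if (len >= PDKIM_DNS_TXT_MAX_RECLEN - answer_offset) return PDKIM_FAIL;` placed ahead of the write. It is also worth noting that `answer_offset` advances by `len` rather than by the number of bytes actually written, so a truncated write would leave the offset ahead of the data.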
diff -ruw exim-4.80/src/pdkim/pdkim.h exim-4.80.1/src/pdkim/pdkim.h
--- exim-4.80/src/pdkim/pdkim.h 2012-05-31 01:40:15.000000000 +0100
+++ exim-4.80.1/src/pdkim/pdkim.h 2012-10-25 04:37:38.000000000 +0100
@@ -27,8 +27,8 @@
/* -------------------------------------------------------------------------- */
/* Length of the preallocated buffer for the "answer" from the dns/txt
- callback function. */
-#define PDKIM_DNS_TXT_MAX_RECLEN 4096
+ callback function. This should match the maximum RDLENGTH from DNS. */
+#define PDKIM_DNS_TXT_MAX_RECLEN (1 << 16)
/* -------------------------------------------------------------------------- */
/* Function success / error codes */
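Review bot: The updated comment says the size "should match the maximum RDLENGTH from DNS", but RDLENGTH is a 16-bit field with a maximum of 65535, while `(1 << 16)` is 65536. If the extra byte is there for the string terminator, say so in the comment, otherwise the next reader may "correct" it. The comment also calls this a preallocated buffer, so the change grows every such buffer from 4 KiB to 64 KiB; if any of them is declared on the stack, confirm that is acceptable or move it to the heap.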
diff -ruw exim-4.80/src/version.sh exim-4.80.1/src/version.sh
--- exim-4.80/src/version.sh 2012-05-31 10:33:43.000000000 +0100
+++ exim-4.80.1/src/version.sh 2012-10-25 04:45:13.000000000 +0100
@@ -1,4 +1,4 @@
# automatically generated file - see ../scripts/reversion
-EXIM_RELEASE_VERSION="4.80"
+EXIM_RELEASE_VERSION="4.80.1"
EXIM_VARIANT_VERSION=""
EXIM_COMPILE_NUMBER="1"