On 2022/05/04 23:42, Martin Schröder wrote:
> On Wed, 6 Dec 2017 at 13:06, Stuart Henderson
> <s...@spacehopper.org> wrote:
> > OK for the fix. But guenther@'s comment from 2015 still stands -
> >
> > "Executive summary: delete the procmail port; the code is not safe and
> > should not be used as a basis for any further work."
> >
> > (https://marc.info/?l=openbsd-ports&m=141634350915839&w=2)
>
> See also https://anarc.at/blog/2022-03-02-procmail-considered-harmful/
>
> "TL;DR: procmail is a security liability and has been abandoned upstream
> for the last two decades. If you are still using it, you should probably drop
> everything and at least remove its SUID flag. There are plenty of alternatives
> to choose from, and conversion is a one-time, acceptable trade-off."
>
> Can we please drop the port (which hasn't been updated since 2017)?
>
> Best
> Martin
>
It has been de-abandoned upstream, there is a new release from earlier this year. Update diff for that below FWIW. It builds, runtime not tested, I have forgotten how to use it. (btw it has never been installed SUID from ports/packages). The scripts in smstools3 use formail from the procmail distribution and I never found a working alternative (though I don't run the sms-email gateway I was using it for any more and all the mobile broadband devices I have available are either umb or completely unsupported in OpenBSD so I can't spin it up again to test..) That could be split off like we did for lockfile though. Index: Makefile =================================================================== RCS file: /cvs/ports/mail/procmail/Makefile,v retrieving revision 1.45 diff -u -p -r1.45 Makefile --- Makefile 11 Mar 2022 19:34:53 -0000 1.45 +++ Makefile 4 May 2022 22:57:57 -0000 @@ -1,23 +1,15 @@ COMMENT= filtering local mail delivery agent -DISTNAME= procmail-3.22 -CATEGORIES= mail -REVISION= 8 - -MASTER_SITES= ${HOMEPAGE} \ - http://mirror.switch.ch/ftp/mirror/procmail/ \ - http://ftp.kfki.hu/packages/mail/procmail/ \ - http://ftp.ucsb.edu/pub/mirrors/procmail/ \ - http://www.ring.gr.jp/archives/net/mail/procmail/ \ - ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/ \ - ftp://ftp.fu-berlin.de/pub/unix/mail/procmail/ +GH_ACCOUNT= BuGlessRB +GH_PROJECT= procmail +GH_TAGNAME= v3.24 -HOMEPAGE= http://www.procmail.org/ +CATEGORIES= mail # GPLv2+ PERMIT_PACKAGE= Yes -WANTLIB= c m +WANTLIB= c m FLAVORS= lmtp FLAVOR?= Index: distinfo =================================================================== RCS file: /cvs/ports/mail/procmail/distinfo,v retrieving revision 1.4 diff -u -p -r1.4 distinfo --- distinfo 18 Jan 2015 03:14:25 -0000 1.4 +++ distinfo 4 May 2022 22:57:57 -0000 
@@ -1,2 +1,2 @@ -SHA256 (procmail-3.22.tar.gz) = CHx1s03TPYud9a/p5CgByTlfS/Nzp4TZvJcVOwBi4Rc= -SIZE (procmail-3.22.tar.gz) = 226817 +SHA256 (procmail-3.24.tar.gz) = UU6kMzOXg+ld+TIeeUdx5Ih7mCOsVf2yRpcCz2m9OYk= +SIZE (procmail-3.24.tar.gz) = 299704 Index: patches/patch-man_procmailrc_man =================================================================== RCS file: patches/patch-man_procmailrc_man diff -N patches/patch-man_procmailrc_man --- patches/patch-man_procmailrc_man 11 Mar 2022 19:34:53 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,14 +0,0 @@ -Fix escaping error that causes information loss. - -Index: man/procmailrc.man ---- man/procmailrc.man.orig -+++ man/procmailrc.man -@@ -779,7 +779,7 @@ one trailing newline will be stripped. - .PP - Some non-optimal and non-obvious regexps set MATCH to an incorrect - value. The regexp can be made to work by removing one or more unneeded --'*', '+', or '?' operator on the left-hand side of the \e/ token. -+\&'*', '+', or '?' operator on the left-hand side of the \e/ token. - .SH MISCELLANEOUS - If the regular expression contains `\fB@TO_key@\fP' it will be substituted by - .na Index: patches/patch-src_comsat_c =================================================================== RCS file: patches/patch-src_comsat_c diff -N patches/patch-src_comsat_c --- patches/patch-src_comsat_c 11 Mar 2022 19:34:53 -0000 1.3 +++ /dev/null 1 Jan 1970 00:00:00 -0000 
@@ -1,15 +0,0 @@ -A patch from Philip Guenther (procmail maintainer) fixing a -crash when procmail is invoked without arguments and then -receive a ^C. - ---- src/comsat.c.orig Tue Sep 11 06:55:46 2001 -+++ src/comsat.c Wed Dec 2 23:13:21 2009 -@@ -120,7 +120,7 @@ void sendcomsat(folder)const char*folder; - { int s;const char*p; - if(!csvalid||!buf) /* is comat on and set to a valid address? */ - return; -- if(!*cslgname||strlen(cslgname)+2>linebuf) /* is $LOGNAME bogus? */ -+ if(!cslgname||!*cslgname||strlen(cslgname)+2>linebuf)/* is $LOGNAME bogus? */ - return; - if(!(p=folder?folder:cslastf)) /* do we have a folder? */ - return; Index: patches/patch-src_fields_c =================================================================== RCS file: patches/patch-src_fields_c diff -N patches/patch-src_fields_c --- patches/patch-src_fields_c 11 Mar 2022 19:34:53 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 
@@ -1,22 +0,0 @@ ---- src/fields.c.orig Sat Mar 17 10:43:03 2012 -+++ src/fields.c Sat Mar 17 10:43:14 2012 -@@ -110,16 +110,16 @@ void dispfield(p)register const struct field*p; - /* try and append one valid field to rdheader from stdin */ - int readhead P((void)) - { int idlen; -- getline(); -+ get_line(); - if((idlen=breakfield(buf,buffilled))<=0) /* not the start of a valid field */ - return 0; - if(idlen==STRLEN(FROM)&&eqFrom_(buf)) /* it's a From_ line */ - { if(rdheader) - return 0; /* the From_ line was a fake! */ -- for(;buflast=='>';getline()); /* gather continued >From_ lines */ -+ for(;buflast=='>';get_line()); /* gather continued >From_ lines */ - } - else -- for(;;getline()) /* get the rest of the continued field */ -+ for(;;get_line()) /* get the rest of the continued field */ - { switch(buflast) /* will this line be continued? */ - { case ' ':case '\t': /* yep, it sure is */ - continue; Index: patches/patch-src_formail_c =================================================================== RCS file: patches/patch-src_formail_c diff -N patches/patch-src_formail_c --- patches/patch-src_formail_c 11 Mar 2022 19:34:53 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,11 +0,0 @@ ---- src/formail.c.orig Sat Mar 17 10:43:03 2012 -+++ src/formail.c Sat Mar 17 10:43:10 2012 -@@ -819,7 +819,7 @@ splitit: { if(!lnl) /* did the previous mail e - { if(split) /* gobble up the next start separator */ - { buffilled=0; - #ifdef sMAILBOX_SEPARATOR -- getline();buffilled=0; /* but only if it's defined */ -+ get_line();buffilled=0; /* but only if it's defined */ - #endif - if(buflast!=EOF) /* if any */ - goto splitit; Index: patches/patch-src_formisc_c =================================================================== RCS file: patches/patch-src_formisc_c diff -N patches/patch-src_formisc_c --- patches/patch-src_formisc_c 11 Mar 2022 19:34:53 -0000 1.4 +++ /dev/null 1 Jan 1970 00:00:00 -0000 
@@ -1,42 +0,0 @@ -Hunk #1: CVE-2014-3618, heap overflow in formail when parsing addresses -with unbalanced quotes. - -Hunk #2: CVE-2017-16844: heap-based buffer overflow in loadbuf() -http://bugs.debian.org/876511 -Patch taken from Debian package procmail_3.22-25+deb9u1. - -Index: src/formisc.c ---- src/formisc.c.orig -+++ src/formisc.c -@@ -84,12 +84,11 @@ normal: *target++= *start++; - case '"':*target++=delim='"';start++; - } - ;{ int i; -- do -+ while(*start) - if((i= *target++= *start++)==delim) /* corresponding delimiter? */ - break; - else if(i=='\\'&&*start) /* skip quoted character */ - *target++= *start++; -- while(*start); /* anything? */ - } - hitspc=2; - } -@@ -104,7 +103,7 @@ void loadsaved(sp)const struct saved*const sp; /* - } - /* append to buf */ - void loadbuf(text,len)const char*const text;const size_t len; --{ if(buffilled+len>buflen) /* buf can't hold the text */ -+{ while(buffilled+len>buflen) /* buf can't hold the text */ - buf=realloc(buf,buflen+=Bsize); - tmemmove(buf+buffilled,text,len);buffilled+=len; - } -@@ -115,7 +114,7 @@ void loadchar(c)const int c; /* append one char - buf[buffilled++]=c; - } - --int getline P((void)) /* read a newline-terminated line */ -+int get_line P((void)) /* read a newline-terminated line */ - { if(buflast==EOF) /* at the end of our Latin already? */ - { loadchar('\n'); /* fake empty line */ - return EOF; /* spread the word */ Index: patches/patch-src_formisc_h =================================================================== RCS file: patches/patch-src_formisc_h diff -N patches/patch-src_formisc_h --- patches/patch-src_formisc_h 11 Mar 2022 19:34:53 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 
@@ -1,8 +0,0 @@ ---- src/formisc.h.orig Sat Mar 17 10:43:03 2012 -+++ src/formisc.h Sat Mar 17 10:43:17 2012 -@@ -17,4 +17,4 @@ void - char* - skipwords P((char*start)); - int -- getline P((void)); -+ get_line P((void)); Index: patches/patch-src_pipes_c =================================================================== RCS file: patches/patch-src_pipes_c diff -N patches/patch-src_pipes_c --- patches/patch-src_pipes_c 11 Mar 2022 19:34:53 -0000 1.3 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,11 +0,0 @@ ---- src/pipes.c.orig Tue Sep 11 06:58:44 2001 -+++ src/pipes.c Wed Dec 2 23:13:21 2009 -@@ -194,7 +194,7 @@ perr: progerr(line,excode,pwait==4); /* I'm goi - makeblock(&temp,Stdfilled); - tmemmove(temp.p,Stdout,Stdfilled); - readdyn(&temp,&Stdfilled,Stdfilled+backlen+1); -- Stdout=realloc(Stdout,&Stdfilled+1); -+ Stdout=realloc(Stdout,Stdfilled+1); - tmemmove(Stdout,temp.p,Stdfilled+1); - freeblock(&temp); - retStdout(Stdout,pwait&&pipw,!backblock); Index: patches/patch-src_procmail_c =================================================================== RCS file: patches/patch-src_procmail_c diff -N patches/patch-src_procmail_c --- patches/patch-src_procmail_c 11 Mar 2022 19:34:53 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,13 +0,0 @@ -Fix searching body alone. - ---- src/procmail.c.orig Sat Jun 30 21:50:32 2007 -+++ src/procmail.c Sat Jun 30 21:51:22 2007 -@@ -652,7 +652,7 @@ commint:do skipspace(); /* skip whitespace */ - nrcond= -1; - if(tolock) /* clear temporary buffer for lockfile name */ - free(tolock); -- for(i=maxindex(flags);i;i--) /* clear the flags */ -+ for(i=maxindex(flags);i>=0;i--) /* clear the flags */ - flags[i]=0; - for(tolock=0,locknext=0;;) - { chp=skpspace(chp);
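Review bot: HOMEPAGE disappears from the Makefile hunk without a replacement; that only works because GH_ACCOUNT/GH_PROJECT make the ports framework default HOMEPAGE to the GitHub project page, so either rely on that deliberately or set HOMEPAGE explicitly if www.procmail.org is still meant to be the reference. On the positive side, the removed MASTER_SITES list was entirely plain http:// and ftp:// mirrors, so fetching via GH_TAGNAME moves the distfile download to https with the distinfo SHA256/SIZE as the integrity pin. The `WANTLIB= c m` change is whitespace only.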
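Review bot: removing patches/patch-man_procmailrc_man is only correct if man/procmailrc.man in 3.24 already carries the `\&'*', '+', or '?' operator` escape; otherwise the leading quote is lost again when the page is formatted. Running `man procmailrc` from the built package and reading the paragraph above MISCELLANEOUS settles it.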
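Review bot: the guard in patches/patch-src_comsat_c, `if(!cslgname||!*cslgname||strlen(cslgname)+2>linebuf)`, is a NULL check that keeps sendcomsat() from crashing when procmail is started without arguments and then interrupted; since the cover note says runtime was not tested, confirm src/comsat.c in 3.24 has the same check before this file goes.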
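Review bot: patches/patch-src_fields_c, patch-src_formail_c, patch-src_formisc_h and the last hunk of patch-src_formisc_c are one change, renaming procmail's private `getline` to `get_line` so it does not collide with getline(3) from <stdio.h>. The cover note says 3.24 builds on OpenBSD, which is good evidence upstream has resolved that clash, so dropping the four together is consistent; a grep for `getline` over the 3.24 src/ tree confirms it.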
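Review bot: patches/patch-src_formisc_c is the security-relevant deletion. Its first hunk is the CVE-2014-3618 fix (`while(*start)` replacing the `do ... while(*start)` so the quoted-address copy loop stops at the end of the input) and its second is the CVE-2017-16844 fix (`while(buffilled+len>buflen)` instead of `if`, so loadbuf() keeps growing buf until the text actually fits). Before committing, diff src/formisc.c from the 3.24 tarball against these two hunks and confirm both changes, or equivalents, are present; if either is missing, keep that hunk as a local patch rather than dropping the whole file.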
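Review bot: the one-liner in patches/patch-src_pipes_c corrects `realloc(Stdout,&Stdfilled+1)`, which passes the address of Stdfilled plus one as the allocation size, to `realloc(Stdout,Stdfilled+1)`. That is a memory-safety bug, not a cosmetic fix, so check that the 3.24 src/pipes.c has the corrected call before removing the patch.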
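Review bot: patches/patch-src_procmail_c changes the flag-clearing loop from `for(i=maxindex(flags);i;i--)` to `for(i=maxindex(flags);i>=0;i--)`; with the original bound, flags[0] is never reset, which is the "Fix searching body alone" behaviour the patch header describes. Verify the loop bound in 3.24's src/procmail.c before this file is deleted.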