1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
>From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer () redhat com>
Date: Mon, 17 Nov 2014 11:13:38 +0100
Subject: [PATCH 1/4] outof: Introduce expandaddr flag
Document that address expansion is disabled unless the expandaddr
binary option is set.
This has been assigned CVE-2014-7844 for BSD mailx, but it is not
a vulnerability in Heirloom mailx because this feature was documented.
---
mailx.1 | 14 ++++++++++++++
names.c | 3 +++
2 files changed, 17 insertions(+)
diff --git a/mailx.1 b/mailx.1
index 70a7859..22a171b 100644
--- a/mailx.1
+++ b/mailx.1
@@ -656,6 +656,14 @@ but any reply returned to the machine
will have the system wide alias expanded
as all mail goes through sendmail.
.SS "Recipient address specifications"
+If the
+.I expandaddr
+option is not set (the default), recipient addresses must be names of
+local mailboxes or Internet mail addresses.
+.PP
+If the
+.I expandaddr
+option is set, the following rules apply:
When an address is used to name a recipient
(in any of To, Cc, or Bcc),
names of local mail folders
@@ -2391,6 +2399,12 @@ and exits immediately.
If this option is set,
\fImailx\fR starts even with an empty mailbox.
.TP
+.B expandaddr
+Causes
+.I mailx
+to expand message recipient addresses, as explained in the section,
+Recipient address specifications.
+.TP
.B flipr
Exchanges the
.I Respond
diff --git a/names.c b/names.c
index 66e976b..c69560f 100644
--- a/names.c
+++ b/names.c
@@ -268,6 +268,9 @@ outof(struct name *names, FILE *fo, struct header *hp)
FILE *fout, *fin;
int ispipe;
+ if (value("expandaddr") == NULL)
+ return names;
+
top = names;
np = names;
time(&now);
--
1.9.3
|