add missing strlcpy() check when parsing "backup hostname" in smtpd.conf,

it could lead to smtpd not finding itself in a MX lookup if a hostname is
specified that exceeds the max hostname len.

while at it, add a missing free()

diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index 1b73fd2..afac7c7 100644 (file)
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1,4 +1,4 @@
-/*     $OpenBSD: parse.y,v 1.139 2014/04/19 17:08:49 gilles Exp $      */
+/*     $OpenBSD: parse.y,v 1.140 2014/04/19 17:12:02 gilles Exp $      */
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -481,8 +481,14 @@ opt_relay_common: AS STRING        {
 
 opt_relay      : BACKUP STRING                 {
                        rule->r_value.relayhost.flags |= F_BACKUP;
-                       strlcpy(rule->r_value.relayhost.hostname, $2,
-                           sizeof (rule->r_value.relayhost.hostname));
+                       if (strlcpy(rule->r_value.relayhost.hostname, $2,
+                               sizeof (rule->r_value.relayhost.hostname))
+                           >= sizeof (rule->r_value.relayhost.hostname)) {
+                               log_warnx("hostname too long: %s", $2);
+                               free($2);
+                               YYERROR;
+                       }
+                       free($2);
                }
                | BACKUP                        {
                        rule->r_value.relayhost.flags |= F_BACKUP;