From fd9d383e7f262291c3a2b6442c761b37252f7e10 Mon Sep 17 00:00:00 2001 From: millert Date: Tue, 16 Dec 2014 18:36:46 +0000 Subject: [PATCH] Add new "expandaddr" flag (disabled by default) to enable recipient address expansion and document it. Previously, this behavior was always enabled. Also document how address expansion is performed, which used to only be described in the (no longer installed) Mail Reference Manual. CVE-2014-7844 --- usr.bin/mail/mail.1 | 50 ++++++++++++++++++++++++++++++++++++++++++-- usr.bin/mail/names.c | 5 ++++- 2 files changed, 52 insertions(+), 3 deletions(-) diff --git a/usr.bin/mail/mail.1 b/usr.bin/mail/mail.1 index 9e95305ba73..af380cd2405 100644 --- a/usr.bin/mail/mail.1 +++ b/usr.bin/mail/mail.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mail.1,v 1.68 2014/11/24 22:30:16 millert Exp $ +.\" $OpenBSD: mail.1,v 1.69 2014/12/16 18:36:46 millert Exp $ .\" .\" Copyright (c) 1980, 1990, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" @(#)mail.1 8.8 (Berkeley) 4/28/95 .\" -.Dd $Mdocdate: November 24 2014 $ +.Dd $Mdocdate: December 16 2014 $ .Dt MAIL 1 .Os .Sh NAME @@ -303,6 +303,47 @@ System wide aliases are not expanded when the mail is sent, but any reply returned to the machine will have the system wide alias expanded as all mail goes through an MTA. +.Ss Recipient address specifications +Recipient addresses (any of the +.Dq To , +.Dq Cc +or +.Dq Bcc +header fields) are subject to expansion when the +.Ic expandaddr +option is set. +.Pp +An address may be expanded as follows: +.Bl -bullet -width Ds +.It +An address that starts with a pipe +.Pq Ql | +character is treated as a command to run. +The command immediately following the +.Ql | +is executed with the message as its standard input. +.It +An address that starts with a +.Ql + +character is treated as a folder. +.It +An address that contains a +.Ql / +character but no +.Ql \&! , +.Ql % , +or +.Ql @ +characters is also treated as a folder. +.It +If none of the above apply, the recipient is treated as +a local or network mail address. +.El +.Pp +If the +.Ic expandaddr +option is not set (the default), no expansion is performed and +the recipient is treated as a local or network mail address. .Ss Network mail (ARPA, UUCP, Berknet) See .Xr mailaddr 7 @@ -920,6 +961,11 @@ causes .Nm mail to interpret a period alone on a line as the terminator of a message you are sending. +.It Ar expandaddr +Causes +.Nm mail +to expand message recipient addresses, as explained in the section +.Sx Recipient address specifications . .It Ar hold This option is used to hold messages in the system mailbox by default. diff --git a/usr.bin/mail/names.c b/usr.bin/mail/names.c index 9deadf04190..87905aaea0f 100644 --- a/usr.bin/mail/names.c +++ b/usr.bin/mail/names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: names.c,v 1.20 2014/08/15 03:51:40 guenther Exp $ */ +/* $OpenBSD: names.c,v 1.21 2014/12/16 18:36:46 millert Exp $ */ /* $NetBSD: names.c,v 1.5 1996/06/08 19:48:32 christos Exp $ */ /* @@ -209,6 +209,9 @@ outof(struct name *names, FILE *fo, struct header *hp) char *date, *fname; FILE *fout, *fin; + if (value("expandaddr") == NULL) + return(names); + top = names; np = names; (void)time(&now); -- 2.20.1