From 311345a4716ee14888a8e02630897d7d0c274be4 Mon Sep 17 00:00:00 2001
From: manuel <manuel@mausz.at>
Date: Wed, 10 Apr 2019 09:33:47 +0200
Subject: Fix CVE-2011-1431

---
 qmail-smtpd.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/qmail-smtpd.c b/qmail-smtpd.c
index b2c0263..3352911 100644
--- a/qmail-smtpd.c
+++ b/qmail-smtpd.c
@@ -813,6 +813,9 @@ int saferead(fd,buf,len) int fd; char *buf; int len;
 
 char ssinbuf[1024];
 substdio ssin = SUBSTDIO_FDBUF(saferead,0,ssinbuf,sizeof ssinbuf);
+#ifdef TLS
+void flush_io() { ssin.p = 0; flush(); }
+#endif
 
 struct qmail qqt;
 unsigned int bytestooverflow = 0;
@@ -1566,7 +1569,7 @@ struct commands smtpcommands[] = {
 , { "rset", smtp_rset, 0 }
 , { "help", smtp_help, flush }
 #ifdef TLS
-, { "starttls", smtp_tls, flush }
+, { "starttls", smtp_tls, flush_io }
 #endif
 , { "noop", err_noop, flush }
 , { "vrfy", err_vrfy, flush }
-- 
cgit v1.2.3