From 4b1875e9066fa8506c7d218b05b939eaa5030d62 Mon Sep 17 00:00:00 2001
From: Jaroslav Škarvada
Date: Aug 18 2017 11:01:51 +0000
Subject: Replaced compile-fix patch by format-security patch from Debian not to change status codes Resolves: rhbz#1482808
---
diff --git a/sendmail-8.15.2-compile-fix.patch b/sendmail-8.15.2-compile-fix.patch
deleted file mode 100644
index dd994bf..0000000
--- a/sendmail-8.15.2-compile-fix.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-diff --git a/sendmail/envelope.c b/sendmail/envelope.c
-index bae6b00..beb91a1 100644
---- a/sendmail/envelope.c
-+++ b/sendmail/envelope.c
-@@ -323,7 +323,7 @@ dropenvelope(e, fulldrop, split)
-
- /* don't free, allocated from e_rpool */
- e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
-- message(buf);
-+ message("%s", buf);
- e->e_flags |= EF_CLRQUEUE;
- }
- if (msg_timeout == MSG_NOT_BY)
-@@ -420,7 +420,7 @@ dropenvelope(e, fulldrop, split)
- /* don't free, allocated from e_rpool */
- e->e_message = sm_rpool_strdup_x(e->e_rpool,
- buf);
-- message(buf);
-+ message("%s", buf);
- e->e_flags |= EF_WARNING;
- }
- if (msg_timeout == MSG_WARN_BY)
-diff --git a/sendmail/parseaddr.c b/sendmail/parseaddr.c
-index 2adb39c..ba99414 100644
---- a/sendmail/parseaddr.c
-+++ b/sendmail/parseaddr.c
-@@ -218,7 +218,7 @@ parseaddr(addr, a, flags, delim, delimptr, e, isrcpt)
- msg = "Deferring message until queue run";
- if (tTd(20, 1))
- sm_dprintf("parseaddr: queueing message\n");
-- message(msg);
-+ message("%s", msg);
- if (e->e_message == NULL && e->e_sendmode != SM_DEFER)
- e->e_message = sm_rpool_strdup_x(e->e_rpool, msg);
- a->q_state = QS_QUEUEUP;
-diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
-index ba636a8..2821532 100644
---- a/sendmail/srvrsmtp.c
-+++ b/sendmail/srvrsmtp.c
-@@ -578,13 +578,13 @@ static bool smtp_data __P((SMTP_T *, ENVELOPE *));
- bool tsave = QuickAbort; \
- \
- QuickAbort = false; \
-- usrerr(response); \
-+ usrerr("%s", response); \
- QuickAbort = tsave; \
- e->e_sendqueue = NULL; \
- goto doquit; \
- } \
- else \
-- usrerr(response); \
-+ usrerr("%s", response); \
- break; \
- \
- case SMFIR_REJECT: \
-@@ -931,7 +931,7 @@ smtp(nullserver, d_flags, e)
- }
- else if (strncmp(nullserver, "421 ", 4) == 0)
- {
-- message(nullserver);
-+ message("%s", nullserver);
- goto doquit;
- }
-
-@@ -1849,7 +1849,7 @@ smtp(nullserver, d_flags, e)
- if (nullserver != NULL)
- {
- if (ISSMTPREPLY(nullserver))
-- usrerr(nullserver);
-+ usrerr("%s", nullserver);
- else
- usrerr("550 5.0.0 %s",
- nullserver);
-@@ -2449,7 +2449,7 @@ smtp(nullserver, d_flags, e)
- tempfail = true;
- smtp.sm_milterize = false;
- if (response != NULL)
-- usrerr(response);
-+ usrerr("%s", response);
- else
- message("421 4.7.0 %s closing connection",
- MyHostName);
-@@ -3656,7 +3656,7 @@ smtp_data(smtp, e)
- (void) extenhsc(response + 4, ' ', e->e_enhsc);
- #endif /* _FFR_MILTER_ENHSC */
-
-- usrerr(response);
-+ usrerr("%s", response);
- if (strncmp(response, "421 ", 4) == 0
- || strncmp(response, "421-", 4) == 0)
- {
-@@ -3776,7 +3776,7 @@ smtp_data(smtp, e)
- if (ISSMTPCODE(response))
- (void) extenhsc(response + 4, ' ', e->e_enhsc);
- #endif /* _FFR_MILTER_ENHSC */
-- usrerr(response);
-+ usrerr("%s", response);
- if (strncmp(response, "421 ", 4) == 0
- || strncmp(response, "421-", 4) == 0)
- rv = false;
diff --git a/sendmail-8.15.2-format-security.patch b/sendmail-8.15.2-format-security.patch
new file mode 100644
index 0000000..290a4a0
--- /dev/null
+++ b/sendmail-8.15.2-format-security.patch
@@ -0,0 +1,131 @@
+Author: Andreas Beckmann
+Description: fix FTBFS with -Werror=format-security
+ If a message string from an (untrusted) external source may start with a
+ smtp status code ("123 4.5.6 Foobar"), we cannot sanitize this via
+ ("%s", string) since the status code is expected as part of the format
+ string. Therefore verify that the message string contains no formatting
+ codes before passing it as the format string. Add a dummy argument to
+ suppress the "format not a string literal and no format arguments" error
+ in this case.
+
+--- a/sendmail/envelope.c
++++ b/sendmail/envelope.c
+@@ -323,7 +323,7 @@ dropenvelope(e, fulldrop, split)
+
+ /* don't free, allocated from e_rpool */
+ e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
+- message(buf);
++ message("%s", buf);
+ e->e_flags |= EF_CLRQUEUE;
+ }
+ if (msg_timeout == MSG_NOT_BY)
+@@ -420,7 +420,7 @@ dropenvelope(e, fulldrop, split)
+ /* don't free, allocated from e_rpool */
+ e->e_message = sm_rpool_strdup_x(e->e_rpool,
+ buf);
+- message(buf);
++ message("%s", buf);
+ e->e_flags |= EF_WARNING;
+ }
+ if (msg_timeout == MSG_WARN_BY)
+--- a/sendmail/parseaddr.c
++++ b/sendmail/parseaddr.c
+@@ -218,7 +218,7 @@ parseaddr(addr, a, flags, delim, delimpt
+ msg = "Deferring message until queue run";
+ if (tTd(20, 1))
+ sm_dprintf("parseaddr: queueing message\n");
+- message(msg);
++ message("%s", msg);
+ if (e->e_message == NULL && e->e_sendmode != SM_DEFER)
+ e->e_message = sm_rpool_strdup_x(e->e_rpool, msg);
+ a->q_state = QS_QUEUEUP;
+--- a/sendmail/srvrsmtp.c
++++ b/sendmail/srvrsmtp.c
+@@ -122,6 +122,26 @@ extern ENVELOPE BlankEnvelope;
+ #define SKIP_SPACE(s) while (isascii(*s) && isspace(*s)) \
+ (s)++
+
++static inline void
++message1(fmt)
++ char *fmt;
++{
++ if (strchr(fmt, '%') == NULL)
++ message(fmt, NULL);
++ else
++ message("%s", fmt);
++}
++
++static inline void
++usrerr1(fmt)
++ char *fmt;
++{
++ if (strchr(fmt, '%') == NULL)
++ usrerr(fmt, NULL);
++ else
++ usrerr("%s", fmt);
++}
++
+ /*
+ ** PARSE_ESMTP_ARGS -- parse EMSTP arguments (for MAIL, RCPT)
+ **
+@@ -578,13 +598,13 @@ static bool smtp_data __P((SMTP_T *, ENV
+ bool tsave = QuickAbort; \
+ \
+ QuickAbort = false; \
+- usrerr(response); \
++ usrerr1(response); \
+ QuickAbort = tsave; \
+ e->e_sendqueue = NULL; \
+ goto doquit; \
+ } \
+ else \
+- usrerr(response); \
++ usrerr1(response); \
+ break; \
+ \
+ case SMFIR_REJECT: \
+@@ -931,7 +951,7 @@ smtp(nullserver, d_flags, e)
+ }
+ else if (strncmp(nullserver, "421 ", 4) == 0)
+ {
+- message(nullserver);
++ message1(nullserver);
+ goto doquit;
+ }
+
+@@ -1849,7 +1869,7 @@ smtp(nullserver, d_flags, e)
+ if (nullserver != NULL)
+ {
+ if (ISSMTPREPLY(nullserver))
+- usrerr(nullserver);
++ usrerr1(nullserver);
+ else
+ usrerr("550 5.0.0 %s",
+ nullserver);
+@@ -2452,7 +2472,7 @@ smtp(nullserver, d_flags, e)
+ tempfail = true;
+ smtp.sm_milterize = false;
+ if (response != NULL)
+- usrerr(response);
++ usrerr1(response);
+ else
+ message("421 4.7.0 %s closing connection",
+ MyHostName);
+@@ -3659,7 +3679,7 @@ smtp_data(smtp, e)
+ (void) extenhsc(response + 4, ' ', e->e_enhsc);
+ #endif /* _FFR_MILTER_ENHSC */
+
+- usrerr(response);
++ usrerr1(response);
+ if (strncmp(response, "421 ", 4) == 0
+ || strncmp(response, "421-", 4) == 0)
+ {
+@@ -3779,7 +3799,7 @@ smtp_data(smtp, e)
+ if (ISSMTPCODE(response))
+ (void) extenhsc(response + 4, ' ', e->e_enhsc);
+ #endif /* _FFR_MILTER_ENHSC */
+- usrerr(response);
++ usrerr1(response);
+ if (strncmp(response, "421 ", 4) == 0
+ || strncmp(response, "421-", 4) == 0)
+ rv = false;
diff --git a/sendmail.spec b/sendmail.spec
index d4318c2..95f48aa 100644
--- a/sendmail.spec
+++ b/sendmail.spec
@@ -17,7 +17,7 @@
 Summary: A widely used Mail Transport Agent (MTA)
 Name: sendmail
 Version: 8.15.2
-Release: 18%{?dist}
+Release: 19%{?dist}
 License: Sendmail
 Group: System Environment/Daemons
 URL: http://www.sendmail.org/
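Review bot: In the new `message1()`/`usrerr1()` helpers (srvrsmtp.c section of the added format-security patch), any reply string that contains a `%` falls through to `message("%s", fmt)` / `usrerr("%s", fmt)`, which is the form the patch description says cannot be used because the leading SMTP status code is then no longer read from the string; such a reply would presumably still go out with the default code instead of its own. Because the dummy `NULL` argument also silences `-Werror=format-security` at these call sites, the `strchr` test is the only guard between an externally supplied string and the format parser, and that invariant deserves a comment above both helpers, e.g. `/* fmt is untrusted: used as the format only when it contains no '%'; otherwise sent as plain text and its own reply code is not parsed */`. Both helpers also call `strchr(fmt, '%')` without a NULL check; `response != NULL` and `nullserver != NULL` tests are visible at some call sites, but not at the macro near new line 598 or in `smtp_data()`, whose bodies lie outside the hunk context, so a guard such as `if (fmt == NULL) return;` is worth considering.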
@@ -87,7 +87,9 @@ Patch26: sendmail-8.15.2-libmilter-socket-activation.patch # patch provided by upstream Patch27: sendmail-8.15.2-smtp-session-reuse-fix.patch Patch28: sendmail-8.15.2-openssl-1.1.0-fix.patch -Patch29: sendmail-8.15.2-compile-fix.patch +# patch taken from Debian +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807258 +Patch29: sendmail-8.15.2-format-security.patch # rhbz#1473971 Patch30: sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -216,7 +218,7 @@ cp devtools/M4/UNIX/{,shared}library.m4 %patch26 -p1 -b .libmilter-socket-activation %patch27 -p1 -b .smtp-session-reuse-fix %patch28 -p1 -b .openssl-1.1.0-fix -%patch29 -p1 -b .compile-fix +%patch29 -p1 -b .format-security %patch30 -p1 -b .openssl-1.1.0-ecdhe-fix for f in RELEASE_NOTES contrib/etrn.0; do @@ -736,6 +738,11 @@ fi %endif %changelog +* Fri Aug 18 2017 Jaroslav Škarvada - 8.15.2-19 +- Replaced compile-fix patch by format-security patch from Debian not to + change status codes + Resolves: rhbz#1482808 + * Thu Aug 03 2017 Fedora Release Engineering - 8.15.2-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild