File majordomo-1.94.5.hostile_adress.patch of Package majordomo

--- majordomo.pl
+++ majordomo.pl	1998/09/13 19:26:21
@@ -493,11 +493,11 @@
 }
 
 # Check to see that this is a valid address. 
-# A valid address is a single address with 
-# no "|" in the address part. It may not start with a - either.
-# If it has a / in it, we use some heuristics to find out if the address
-# may be a file. Some other heuristics attempt to look for a valid X.400
-# address. This is not infalible.
+# A valid address is a single address with no "|" in the address part.
+# It may not start with a - or :include: either. If it has a / in it,
+# we use some heuristics to find out if the address may be a file. Some
+# other heuristics attempt to look for a valid X.400 address. This is
+# not infallible.
 sub main'valid_addr {
     local($addr, $list) = @_;
     local(@addrs, $temp);
@@ -611,8 +611,8 @@
     print STDERR "$0: valid_addr: comparing '$addr' to '$list'\n" if $DEBUG;
 
     # XXX Should at least tell the user that there was a problem.
-    if ( /\|/ || /^-/ ) {
-	&main'abort("HOSTILE ADDRESS (invalid first char or |) $addr"); #'
+    if ( /\|/ || /^-/ || /^:include:/i ) {
+	&main'abort("HOSTILE ADDRESS (contains |, -, or :include:) $addr"); #'
 	return undef;
     }
 
@@ -652,6 +652,10 @@
             &main'abort("HOSTILE ADDRESS (no x400 a[dm]=) $addr")
                     if ($_ !~ m#/a[dm]=#); #'
        }
+       &main'abort("HOSTILE ADDRESS (IFS in x400) $addr")
+            if ($_ =~ m#\$\{IFS#); #'
+       &main'abort("HOSTILE ADDRESS (IFS in x400) $addr")
+            if ($_ =~ m#\$IFS#); #'
    }
 
 print STDERR "$0: valid_addr: exit\n" if $DEBUG;