[PATCH] close potential buffer overflow in prot_flush (was: Re: [PATCH] imapd segfaults after broken pipe)

Henrique de Moraes Holschuh hmh at debian.org
Mon Jan 6 15:28:47 EST 2003


On Mon, 06 Jan 2003, Rob Siemborski wrote:
> I've committed/credited this as well.

By doing that you fixed the hole Gerd's workaround was initially added for
:-)

I suggest the assert in Gerd's patch to be moved to before the if clause.
That way, we catch any other bug that triggers that assert.

See attached patch...

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
-------------- next part --------------
diff -ru cyrus-imapd.orig/lib/prot.c cyrus-imapd/lib/prot.c
--- cyrus-imapd.orig/lib/prot.c	2003-01-06 18:13:02.000000000 -0200
+++ cyrus-imapd/lib/prot.c	2003-01-06 18:27:33.000000000 -0200
@@ -797,8 +797,8 @@
 int prot_putc(int c, struct protstream *s)
 {
     assert(s->write);
-    if(s->error || s->eof) return EOF;
     assert(s->cnt > 0);
+    if(s->error || s->eof) return EOF;
 
     *s->ptr++ = c;
     if (--s->cnt == 0) {


More information about the Info-cyrus mailing list