bugs in spool_copy_message()
Derrick J Brashear
shadow at dementia.org
Wed Oct 27 16:40:05 EDT 2004
On Wed, 27 Oct 2004, Derrick J Brashear wrote:
> Actually, I will look at this this afternoon; I have a couple other bugs I
> need to look at first.
It should be this simple:
--- spool.c 16 Sep 2004 17:58:54 -0000 1.6
+++ spool.c 27 Oct 2004 20:36:00 -0000
@@ -451,7 +451,7 @@
p[1] = '\n';
p[2] = '\0';
}
- else if (p[0] != '\n') {
+ else if (p[0] != '\n' && (strlen(buf) < sizeof(buf)-2)) {
/* line contained a \0 not at the end */
r = IMAP_MESSAGE_CONTAINSNULL;
continue;
if the line is too long and there's a NULL further down, the next pass(es)
through the loop will get it.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list