1 Return-Path: <dme@dme.org>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id B55F540AB25
\r
6 for <notmuch@notmuchmail.org>; Wed, 19 May 2010 01:55:13 -0700 (PDT)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5
\r
12 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id D7FNIOZTSrT6 for <notmuch@notmuchmail.org>;
\r
16 Wed, 19 May 2010 01:54:59 -0700 (PDT)
\r
17 Received: from mail-ew0-f213.google.com (mail-ew0-f213.google.com
\r
19 by olra.theworths.org (Postfix) with ESMTP id 6665B409DF6
\r
20 for <notmuch@notmuchmail.org>; Wed, 19 May 2010 01:53:48 -0700 (PDT)
\r
21 Received: by mail-ew0-f213.google.com with SMTP id 5so1814160ewy.0
\r
22 for <notmuch@notmuchmail.org>; Wed, 19 May 2010 01:53:48 -0700 (PDT)
\r
23 Received: by 10.213.63.75 with SMTP id a11mr3777267ebi.9.1274259228012;
\r
24 Wed, 19 May 2010 01:53:48 -0700 (PDT)
\r
25 Received: from ut.hh.sledj.net (host83-217-165-81.dsl.vispa.com
\r
27 by mx.google.com with ESMTPS id 16sm3515040ewy.15.2010.05.19.01.53.44
\r
28 (version=TLSv1/SSLv3 cipher=RC4-MD5);
\r
29 Wed, 19 May 2010 01:53:45 -0700 (PDT)
\r
30 Received: by ut.hh.sledj.net (Postfix, from userid 1000)
\r
31 id 2898259407E; Wed, 19 May 2010 08:03:45 +0100 (BST)
\r
32 From: David Edmondson <dme@dme.org>
\r
33 To: notmuch@notmuchmail.org
\r
34 Subject: [PATCH 02/13] notmuch: Fix off-by-one errors if a header is >200
\r
36 Date: Wed, 19 May 2010 08:03:29 +0100
\r
37 Message-Id: <1274252620-1249-3-git-send-email-dme@dme.org>
\r
38 X-Mailer: git-send-email 1.7.1
\r
39 In-Reply-To: <1274252620-1249-1-git-send-email-dme@dme.org>
\r
40 References: <1274252620-1249-1-git-send-email-dme@dme.org>
\r
41 X-BeenThere: notmuch@notmuchmail.org
\r
42 X-Mailman-Version: 2.1.13
\r
44 List-Id: "Use and development of the notmuch mail system."
\r
45 <notmuch.notmuchmail.org>
\r
46 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
47 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
48 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
49 List-Post: <mailto:notmuch@notmuchmail.org>
\r
50 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
51 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
52 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
53 X-List-Received-Date: Wed, 19 May 2010 08:55:14 -0000
\r
55 If a single header is more than 200 characters long a set of 'off by
\r
56 one' errors cause memory corruption.
\r
58 When allocating memory with:
\r
60 the last usable byte of the memory is 'a + len - 1' rather than 'a +
\r
63 Fix the same bug when calculating the current offset should the buffer
\r
64 used for collecting the output header need to be reallocated.
\r
66 gmime-filter-headers.c | 6 +++---
\r
67 1 files changed, 3 insertions(+), 3 deletions(-)
\r
69 diff --git a/gmime-filter-headers.c b/gmime-filter-headers.c
\r
70 index 2f3df80..7db3779 100644
\r
71 --- a/gmime-filter-headers.c
\r
72 +++ b/gmime-filter-headers.c
\r
73 @@ -169,7 +169,7 @@ filter_filter (GMimeFilter *filter, char *inbuf, size_t inlen, size_t prespace,
\r
74 headers->lineptr = headers->line = malloc (headers->line_size);
\r
76 lineptr = headers->lineptr;
\r
77 - lineend = headers->line + headers->line_size;
\r
78 + lineend = headers->line + headers->line_size - 1;
\r
79 if (lineptr == NULL)
\r
81 outptr = filter->outbuf;
\r
82 @@ -185,8 +185,8 @@ filter_filter (GMimeFilter *filter, char *inbuf, size_t inlen, size_t prespace,
\r
83 if (lineptr == lineend) {
\r
84 headers->line_size *= 2;
\r
85 headers->line = xrealloc (headers->line, headers->line_size);
\r
86 - lineptr = headers->line + headers->line_size / 2;
\r
87 - lineend = headers->line + headers->line_size;
\r
88 + lineptr = headers->line + (headers->line_size / 2) - 1;
\r
89 + lineend = headers->line + headers->line_size - 1;
\r
92 if (headers->saw_nl && *inptr != ' ' && *inptr != '\t') {
\r