Return-Path: <dme@dme.org>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 8E7A04196F0
	for <notmuch@notmuchmail.org>; Thu,  1 Apr 2010 04:50:57 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5
	tests=[BAYES_00=-1.9] autolearn=ham
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 2aB84+63Msed for <notmuch@notmuchmail.org>;
	Thu,  1 Apr 2010 04:50:56 -0700 (PDT)
Received: from mail-ww0-f53.google.com (mail-ww0-f53.google.com
 [74.125.82.53])	by olra.theworths.org (Postfix) with ESMTP id A9523431FC1	for
 <notmuch@notmuchmail.org>; Thu,  1 Apr 2010 04:50:56 -0700 (PDT)
Received: by wwb22 with SMTP id 22so707047wwb.26
	for <notmuch@notmuchmail.org>; Thu, 01 Apr 2010 04:50:55 -0700 (PDT)
Received: by 10.216.85.17 with SMTP id t17mr351388wee.178.1270122655770;
	Thu, 01 Apr 2010 04:50:55 -0700 (PDT)
Received: from ut.hh.sledj.net (host83-217-165-81.dsl.vispa.com
	[83.217.165.81])
	by mx.google.com with ESMTPS id i34sm19029982gve.24.2010.04.01.04.50.53
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Thu, 01 Apr 2010 04:50:53 -0700 (PDT)
Received: by ut.hh.sledj.net (Postfix, from userid 1000)
	id AC38D5941EC; Thu,  1 Apr 2010 12:50:54 +0100 (BST)
To: David Bremner <david@tethera.net>, Gregor Hoffleit <gregor@hoffleit.de>,
	notmuch <notmuch@notmuchmail.org>
In-Reply-To: <871vezs8ne.fsf@rocinante.cs.unb.ca>
References: <1267699753-sup-3919@sam.mediasupervision.de>
	<871vezs8ne.fsf@rocinante.cs.unb.ca>
From: David Edmondson <dme@dme.org>
Date: Thu, 01 Apr 2010 12:50:54 +0100
Message-ID: <87634bjsrl.fsf@ut.hh.sledj.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: Re: [notmuch] [PATCH] format_part_json: part_content->data is not
 null terminated
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2010 11:50:57 -0000

On Thu, 01 Apr 2010 08:40:37 -0300, David Bremner <david@tethera.net> wrote:
> On Thu, 04 Mar 2010 11:49:48 +0100, Gregor Hoffleit <gregor@hoffleit.de> wrote:
> > In format_part_json, part_content->data is not a null terminated
> > string.
> 
> I'd like to see this bug fixed,

+1.

> and the patch is pretty small, but...
> 
> > Instead, we have to use part_content->len.
> > +	content_data = talloc_size (ctx, part_content->len+1);
> > +	memcpy (content_data, (char *)part_content->data, part_content->len+1);
> 
> Can anyone explain why we copy (what seems to me to be) one extra byte
> here?  In principle reading outside our allocated memory could cause
> problems; at minimum it makes a false positive for a memory checker like
> valgrind.

Agreed. It looks as though this should copy only part_content->len bytes.

dme.
-- 
David Edmondson, http://dme.org