[Commits] [SCM] claws branch, master, updated. 3.17.0-180-g3a482f4
ticho at claws-mail.org
ticho at claws-mail.org
Sat Nov 24 23:16:19 CET 2018
The branch, master has been updated
via 3a482f4d25110e588ef58d5ee67fa4216a6b631d (commit)
from a44ea1792e33e0554c721d50f3038c4e1e20ed81 (commit)
Summary of changes:
src/plugins/mailmbox/mailimf_types_helper.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
- Log -----------------------------------------------------------------
commit 3a482f4d25110e588ef58d5ee67fa4216a6b631d
Author: Andrej Kacian <ticho at claws-mail.org>
Date: Sat Nov 24 23:14:26 2018 +0100
Mailmbox: fix buffer overflow in mailimf_get_message_id().
The compiler warning was:
mailimf_types_helper.c: In function ‘mailimf_get_message_id’:
mailimf_types_helper.c:1270:51: warning: ‘%s’ directive output may be truncated writing up to 511 bytes into a region of size between 463 and 500 [-Wformat-truncation=]
snprintf(id, MAX_MESSAGE_ID, "etPan.%llx.%lx.%x@%s",
^~
(long long)now, value, getpid(), name);
~~~~
mailimf_types_helper.c:1270:3: note: ‘snprintf’ output between 13 and 561 bytes into a destination of size 512
snprintf(id, MAX_MESSAGE_ID, "etPan.%llx.%lx.%x@%s",
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(long long)now, value, getpid(), name);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/src/plugins/mailmbox/mailimf_types_helper.c b/src/plugins/mailmbox/mailimf_types_helper.c
index a0c4e96..67e921f 100644
--- a/src/plugins/mailmbox/mailimf_types_helper.c
+++ b/src/plugins/mailmbox/mailimf_types_helper.c
@@ -35,6 +35,8 @@
#include <string.h>
#include <time.h>
#include <unistd.h>
+#include <limits.h>
+#include <errno.h>
#include "mailimf.h"
@@ -1260,13 +1262,23 @@ char * mailimf_get_message_id(void)
{
char id[MAX_MESSAGE_ID];
time_t now;
- char name[MAX_MESSAGE_ID];
+ char name[HOST_NAME_MAX];
long value;
+ int ret;
now = time(NULL);
value = random();
- gethostname(name, MAX_MESSAGE_ID);
+ /* It's unlikely that HOST_NAME_MAX goes above 64, but let's
+ * leave a generous reserve for the hostname in the message
+ * id string. */
+ if (HOST_NAME_MAX > MAX_MESSAGE_ID - 64 ||
+ (ret = gethostname(name, HOST_NAME_MAX)) != 0) {
+ if (ret != 0)
+ perror("gethostname");
+ strncpy(name, "unknown", HOST_NAME_MAX);
+ }
+
snprintf(id, MAX_MESSAGE_ID, "etPan.%llx.%lx.%x@%s",
(long long)now, value, getpid(), name);
-----------------------------------------------------------------------
hooks/post-receive
--
Claws Mail
More information about the Commits
mailing list