[Commits] [SCM] claws branch, master, updated. 3.17.3-161-g24d8ebd
ticho at claws-mail.org
ticho at claws-mail.org
Thu Apr 25 22:22:47 CEST 2019
The branch, master has been updated
via 24d8ebd06b2740620118550ebc73af45b8392415 (commit)
from dc6f61518909b5ada650a4ae922276cd814f0cce (commit)
Summary of changes:
src/procmime.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
- Log -----------------------------------------------------------------
commit 24d8ebd06b2740620118550ebc73af45b8392415
Author: Andrej Kacian <ticho at claws-mail.org>
Date: Thu Apr 25 22:20:06 2019 +0200
Fix a runaway string read in procmime_decode_content()
We initialize output buffer for g_base64_decode_step()
to zeroes, so that we can later call strlen() on it
safely.
We also allocate one byte more than we write, so that
the trailing zero byte is guaranteed to be there.
diff --git a/src/procmime.c b/src/procmime.c
index 2be6961..a5961b7 100644
--- a/src/procmime.c
+++ b/src/procmime.c
@@ -366,7 +366,7 @@ gboolean procmime_decode_content(MimeInfo *mimeinfo)
if (flowed)
FLUSH_LASTLINE();
} else if (encoding == ENC_BASE64) {
- gchar outbuf[BUFFSIZE];
+ gchar outbuf[BUFFSIZE + 1];
gint len, inlen, inread;
gboolean got_error = FALSE;
gboolean uncanonicalize = FALSE;
@@ -390,6 +390,7 @@ gboolean procmime_decode_content(MimeInfo *mimeinfo)
while ((inlen = MIN(readend - ftell(infp), sizeof(buf))) > 0 && !err) {
inread = claws_fread(buf, 1, inlen, infp);
+ memset(outbuf, 0, sizeof(buf));
len = g_base64_decode_step(buf, inlen, outbuf, &state, &save);
if (uncanonicalize == TRUE && strlen(outbuf) < len && starting) {
uncanonicalize = FALSE;
-----------------------------------------------------------------------
hooks/post-receive
--
Claws Mail
More information about the Commits
mailing list