[Commits] [SCM] claws branch, master, updated. 3.17.3-53-g370d1ed

ticho at claws-mail.org ticho at claws-mail.org
Sun Jan 27 12:19:27 CET 2019


The branch, master has been updated
       via  370d1ed483ac2c82345822c7c6c07779762198e6 (commit)
      from  a09c703495e9e7e535051a24791c7dbb27877ff9 (commit)

Summary of changes:
 src/plugins/vcalendar/vcal_folder.c |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)


- Log -----------------------------------------------------------------
commit 370d1ed483ac2c82345822c7c6c07779762198e6
Author: Andrej Kacian <ticho at claws-mail.org>
Date:   Sun Jan 27 11:45:38 2019 +0100

    Fix possible stack overflow in vcalendar's Curl data handler
    
    Allocate the VLA on heap instead.

diff --git a/src/plugins/vcalendar/vcal_folder.c b/src/plugins/vcalendar/vcal_folder.c
index 20a4011..8ea78e5 100644
--- a/src/plugins/vcalendar/vcal_folder.c
+++ b/src/plugins/vcalendar/vcal_folder.c
@@ -1550,17 +1550,20 @@ static size_t curl_recv(void *buf, size_t size, size_t nmemb, void *stream)
 {
 	struct CBuf *buffer = (struct CBuf *)stream;
 	gchar *tmp = NULL;
-	gchar tmpbuf[size*nmemb + 1];
+	gchar *tmpbuf = g_malloc0(size*nmemb + 1);
+
+	g_return_val_if_fail(tmpbuf != NULL, 0);
 
 	memcpy(tmpbuf, buf, size*nmemb);
-	tmpbuf[size*nmemb] = '\0';
 
 	if (buffer->str) {
+		/* If the buffer already has contents, append the new data. */
 		tmp = g_strconcat(buffer->str, tmpbuf, NULL);
+		g_free(tmpbuf);
 		g_free(buffer->str);
 		buffer->str = tmp;
 	} else {
-		buffer->str = g_strdup(tmpbuf);
+		buffer->str = tmpbuf;
 	}
 
 	return size*nmemb;

-----------------------------------------------------------------------


hooks/post-receive
-- 
Claws Mail


More information about the Commits mailing list