Hi,
Included in this mail is a patch fixing an overflow and a tarball
containing a maildir demonstrating another mutt crash. This has only been
confirmed on OpenBSD/i386 3.8-current, however. MacOS X 10.4 mutt 1.5.11 built
from darwinports doesn't exhibit the same behavior.
Please feel free to diagnose the problem with the included mail (tarball);
it's something in qp_decode_line in handler.c, that's as far as I've gotten.
handler.c patch (against 1.5.11):
--- handler.c.orig Wed Sep 7 10:20:39 2005
+++ handler.c Wed Dec 21 13:20:01 2005
@@ -93,7 +93,7 @@ void mutt_convert_to_state(iconv_t cd, c
return;
}
- if (cd == (iconv_t)(-1))
+ if (cd == (iconv_t)(-1) || *l >= BUFI_SIZE)
{
state_prefix_put (bufi, *l, s);
*l = 0;
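Review bot: the new `*l >= BUFI_SIZE` test in the `if` also matches `*l` greater than `BUFI_SIZE`, and the body then passes that oversized length straight to `state_prefix_put (bufi, *l, s)`. Assuming `bufi` holds `BUFI_SIZE` bytes, as the name suggests, this means the check runs only after the caller has already written past the end, and the flush then reads the same out-of-range bytes. I would bound the length at the point where bytes are appended to `bufi`, so that `*l` can never exceed `BUFI_SIZE`, and keep the test here as an exact full-buffer check or clamp `*l` before the call. Two smaller points: a full buffer now takes the same branch as `cd == (iconv_t)(-1)`, so those bytes are emitted without charset conversion even when a valid `cd` exists, which deserves a comment or a separate branch; and the commit should say which input reaches this state, since the diff alone does not show how `*l` grows that large.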
--
Jon
Attachment:
crash.tar.gz
Description: application/tar-gz