Re: Bug in mutt 1.5.11

To: Jon Olsson <jon@xxxxxxxx>
Subject: Re: Bug in mutt 1.5.11
From: Brendan Cully <brendan@xxxxxxxxxx>
Date: Thu, 22 Dec 2005 11:37:40 -0800
Cc: mutt-dev@xxxxxxxx
In-reply-to: <20051222085447.GA22485@xxxxxxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?Subject="Unsubscribe Mutt Dev"?body=unsubscribe>
Mail-followup-to: Jon Olsson <jon@xxxxxxxx>, mutt-dev@xxxxxxxx
References: <20051222085447.GA22485@xxxxxxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.11

On Thursday, 22 December 2005 at 09:54, Jon Olsson wrote:
> Hi,
> 
>   Included in this mail is a patch fixing an overflow and a tar ball
> containing a maildir demonstrating another mutt crash.  This has only been
> confirmed on OpenBSD/i386 3.8-current however.  MacOS X 10.4 mutt 1.5.11 built
> from darwinports doesn't exhibit the same behavior.
>   Please feel free to diagnose the problem with the included mail (tar ball),
> it's something in qp_decode_line in handler.c, that's as far as I've gotten.
> 
> handler.c patch (against 1.5.11):
> +++ handler.c   Wed Dec 21 13:20:01 2005
> @@ -93,7 +93,7 @@ void mutt_convert_to_state(iconv_t cd, c
>      return;
>    }
>  
> -  if (cd == (iconv_t)(-1))
> +  if (cd == (iconv_t)(-1) || *l >= BUFI_SIZE)
>    {
>      state_prefix_put (bufi, *l, s);
>      *l = 0;

This was discussed before, but no one seemed to be confident about the
right resolution:

http://www.df7cb.de/mutt/message/20050818.182554.2764d13e.en.html

References:
- Bug in mutt 1.5.11
  - From: Jon Olsson

Prev by Date: Re: imap/2093: mutt crashes when connecting to an imap server over SSL
Next by Date: mutt/2156: Unable to compile mutt-1.5 on HP Tru64 5.1A (pending) (fwd)
Previous by thread: Bug in mutt 1.5.11
Next by thread: IMAP full message caching now in CVS
Index(es):
- Date
- Thread