[gmime] Fixed g_malloc abort() caused by malformed encoded-word token

[Jeffrey Stedfast <fejj src gnome org>]

commit b9c7c9715cf53e305a40587a3787f4c5c6cfc2bd
Author: Jeffrey Stedfast <fejj gnome org>
Date:   Sun Aug 5 13:35:41 2012 -0400

    Fixed g_malloc abort() caused by malformed encoded-word token
    
    2012-08-05  Jeffrey Stedfast  <jeff xamarin com>
    
    	* gmime/gmime-utils.c (rfc2047_token_new_encoded_word): Make sure
    	to properly handle broken encoded-word tokens in the form:
    	=?charset?q?=.
    
    	Fixes the g_malloc abort() in bug #679388

 ChangeLog           |    8 ++++++++
 gmime/gmime-utils.c |    4 ++++
 2 files changed, 12 insertions(+), 0 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 09af19c..cd5ab84 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
 2012-08-05  Jeffrey Stedfast  <jeff xamarin com>
 
+	* gmime/gmime-utils.c (rfc2047_token_new_encoded_word): Make sure
+	to properly handle broken encoded-word tokens in the form:
+	=?charset?q?=.
+
+	Fixes the g_malloc abort() in bug #679388
+
+2012-08-05  Jeffrey Stedfast  <jeff xamarin com>
+
 	* gmime/gmime-multipart-signed.c (check_protocol_supported): Oops,
 	need to compare against xsupported in the second string compare.
 
diff --git a/gmime/gmime-utils.c b/gmime/gmime-utils.c
index 470c8ce..dc41bf6 100644
--- a/gmime/gmime-utils.c
+++ b/gmime/gmime-utils.c
@@ -1906,6 +1906,10 @@ rfc2047_token_new_encoded_word (const char *word, size_t len)
 	/* find the end of the payload */
 	inptr = word + len - 2;
 	
+	/* make sure that we don't have something like: =?iso-8859-1?Q?= */
+	if (payload > inptr)
+		return NULL;
+	
 	token = rfc2047_token_new (payload, inptr - payload);
 	token->charset = g_mime_charset_iconv_name (charset);
 	token->encoding = encoding;