[balsa] imap-handle: Do not underflow buffer

From: Peter Bloomfield <peterb src gnome org>
To: commits-list gnome org
Cc:
Subject: [balsa] imap-handle: Do not underflow buffer
Date: Tue, 15 Mar 2022 15:59:15 +0000 (UTC)

commit 9ab5b66177a5b94deb4a78f8a0cf428a4639abab
Author: Peter Bloomfield <PeterBloomfield bellsouth net>
Date:   Tue Mar 15 11:54:02 2022 -0400

    imap-handle: Do not underflow buffer
    
    The address sanitizer shows that a short IMAP response (with not even a
    trailing CRLF) leads to accessing memory before the start of a
    stack-allocated buffer.

 libbalsa/imap/imap-handle.c | 1 +
 1 file changed, 1 insertion(+)
---
diff --git a/libbalsa/imap/imap-handle.c b/libbalsa/imap/imap-handle.c
index 1ac4b8114..637230d28 100644
--- a/libbalsa/imap/imap-handle.c
+++ b/libbalsa/imap/imap-handle.c
@@ -2293,6 +2293,7 @@ ir_ok(ImapMboxHandle *h)
   if(rc == IMR_PARSE)
     rc = IMR_OK;
   else if (rc != IMR_SEVERED && (l=strlen(line))>0 ) {
+    l = MAX(l, 2);
     line[l-2] = '\0'; 
     imap_mbox_handle_set_msg(h, _("IMAP response: %s"), line);
     if(h->info_cb)

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]