Re: [evolution-patches] 72609, crash viewing mail, security/dos fix




Ok, I think this part of the patch is wrong then.  We should be returning NULL.

The other patch should have fixed the crash, but it looks like there's just a bug in the encode_param stuff, since it assumes charset_best returns a name always.  Perhaps i should just output the 8 bit data "raw", like it got in.


On Fri, 2005-02-25 at 10:07 -0500, Jeffrey Stedfast wrote:
On Fri, 2005-02-25 at 11:51 +0800, Not Zed wrote:
> missed one again jeff?

hmmm, coulda sworn I reviewed this patch... maybe I just forgot to send
email about it :)

I rememebr going thru the code checking where we used
camel_charset_best() thinking we relied on it returning NULL for
US-ASCII, but that's not true (anymore?)

I'm actually surprised from our usage of it that we didn't run into this
sooner.

anyways, looks good and please commit :)

oh, the function below it with the comment about it returning NULL for
US-ASCII should probably be updated.

Jeff

> 
> On Thu, 2005-02-24 at 14:39 +0800, Not Zed wrote:
> > 
> > This should be applied to 2.0.x as well as 2.1 as it fixes a dos
> > when viewing such a message.
> > 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]