[evolution-patches] 70919, crash parsing multipart messages

[Not Zed <notzed ximian com>]

we're reading past the end of allocated memory sometimes

--

Michael Zucchi <notzed ximian com> "Ride, Work, Sleep. Beer." Novell's Evolution and Free Software Developer

Index: camel/ChangeLog
===================================================================
RCS file: /cvs/gnome/evolution/camel/Attic/ChangeLog,v
retrieving revision 1.2251.2.30
diff -u -p -r1.2251.2.30 ChangeLog
--- camel/ChangeLog	6 Jan 2005 09:25:02 -0000	1.2251.2.30
+++ camel/ChangeLog	11 Jan 2005 03:29:51 -0000
@@ -1,3 +1,10 @@
+2005-01-11  Not Zed  <NotZed Ximian com>
+
+	** See bug #70919.
+
+	* camel-multipart-signed.c (parse_content): treat the post pointer
+	as binary, not 0 terminated.
+
 2004-12-23  Not Zed  <NotZed Ximian com>
   
 	** See bug #70556.
Index: camel/camel-multipart-signed.c
===================================================================
RCS file: /cvs/gnome/evolution/camel/Attic/camel-multipart-signed.c,v
retrieving revision 1.22.26.1
diff -u -p -r1.22.26.1 camel-multipart-signed.c
--- camel/camel-multipart-signed.c	1 Dec 2004 03:59:14 -0000	1.22.26.1
+++ camel/camel-multipart-signed.c	11 Jan 2005 03:29:51 -0000
@@ -248,6 +248,7 @@ parse_content(CamelMultipartSigned *mps)
 
 	if (end > (char *)mem->buffer->data) {
 		char *tmp = g_strndup(mem->buffer->data, start-(char *)mem->buffer->data-1);
+
 		camel_multipart_set_preface(mp, tmp);
 		g_free(tmp);
 	}
@@ -261,8 +262,12 @@ parse_content(CamelMultipartSigned *mps)
 	if (post == NULL)
 		return -1;
 
-	if (post[0])
-		camel_multipart_set_postface(mp, post);
+	if (post < last) {
+		char *tmp = g_strndup(post, last-post);
+		
+		camel_multipart_set_postface(mp, tmp);
+		g_free(tmp);
+	}
 
 	mps->start1 = start-(char *)mem->buffer->data;
 	mps->end1 = end-(char *)mem->buffer->data;