Re: [gmime-devel] Wrong results of g_mime_encoding_outlen



On 05/14/2010 05:19 AM, Damian Pietras wrote:
> I've hit a bug in gmime 2.4.15 while composing a message. Gmime is
> segfaulting if I use GMIME_CONTENT_ENCODING_QUOTEDPRINTABLE. Valgrind
> says it's a buffer overflow while encoding to quoted printable.
>
> It's right: in a simple test case that encodes mostly binary data
> using GMIME_CONTENT_ENCODING_QUOTEDPRINTABLE a buffer overrun occurs in
> g_mime_encoding_quoted_encode_step.
>
> I think the reason is that GMIME_QP_ENCODE_LEN, which looks like:
>
> #define GMIME_QP_ENCODE_LEN(x)     ((size_t) ((((x) + 1) * 3) + 1))
>
> is wrong because g_mime_encoding_quoted_encode_step inserts an EOL
> char after every 74th output character which the macro doesn't take
> into account. The bug doesn't occur if using base64 encoding.
>
>   

try this macro:

#define GMIME_QP_ENCODE_LEN(x)     ((size_t) ((((x) / 24) * 73) + 74))

Jeff
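
The sizing problem described in the report, as an added example that is not part of the original thread and is not gmime's code. qp_encode_worst and qp_shortfall are hypothetical names, and the 76-character line limit with a "=\n" soft break is an assumption taken from RFC 2045, not from gmime's encoder. It counts the worst-case output for fully escaped input and compares it with the estimate from the macro quoted in the report.

```c
#include <stddef.h>
#include <stdio.h>

/* Sizing macro quoted in the report (gmime 2.4.15). */
#define GMIME_QP_ENCODE_LEN(x) ((size_t) ((((x) + 1) * 3) + 1))
/* Assumption: RFC 2045 limit of 76 characters per line, soft break "=\n". */
#define QP_MAX_LINE 76

/* Hypothetical encoder (not gmime's): escapes every byte as =XX, the worst
 * case for binary input, and soft-breaks before a line would pass the limit.
 * Returns the bytes required; writes nothing that does not fit in cap. */
size_t qp_encode_worst(const unsigned char *in, size_t len, char *out, size_t cap)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t need = 0, col = 0;

    for (size_t i = 0; i < len; i++) {
        if (col + 3 > QP_MAX_LINE - 1) {      /* leave room for the '=' */
            if (need + 2 <= cap) { out[need] = '='; out[need + 1] = '\n'; }
            need += 2;
            col = 0;
        }
        if (need + 3 <= cap) {
            out[need] = '=';
            out[need + 1] = hex[in[i] >> 4];
            out[need + 2] = hex[in[i] & 0x0F];
        }
        need += 3;
        col += 3;
    }
    return need;
}

/* Bytes by which worst-case output exceeds the macro's estimate (0 = fits). */
size_t qp_shortfall(size_t len)
{
    size_t need = qp_encode_worst(NULL, len, NULL, 0);   /* cap 0: count only */
    size_t have = GMIME_QP_ENCODE_LEN(len);
    return need > have ? need - have : 0;
}

int main(void)
{
    for (size_t n = 70; n <= 80; n += 2)
        printf("len=%zu shortfall=%zu\n", n, qp_shortfall(n));
    return 0;
}
```

Under these assumptions the estimate first falls short at 76 input bytes, and the gap grows by two bytes for every further soft break. Sizing the buffer from a counting pass (cap 0) and then encoding into it avoids depending on a closed-form bound.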


