diff options
author | Jeffrey Stedfast <fejj@helixcode.com> | 2000-11-17 16:11:29 +0800 |
---|---|---|
committer | Jeffrey Stedfast <fejj@src.gnome.org> | 2000-11-17 16:11:29 +0800 |
commit | aaaa3be69c5a4f59d1aa4ad4cee2be3de277892b (patch) | |
tree | 8496bc039346427748151e5a225d2bc3dcbe69c6 | |
parent | e14164702f1e20019996f4bbdf272843538de833 (diff) | |
download | gsoc2013-evolution-aaaa3be69c5a4f59d1aa4ad4cee2be3de277892b.tar.gz gsoc2013-evolution-aaaa3be69c5a4f59d1aa4ad4cee2be3de277892b.tar.zst gsoc2013-evolution-aaaa3be69c5a4f59d1aa4ad4cee2be3de277892b.zip |
When extracting a literal string, capture up until the end of the last
2000-11-17 Jeffrey Stedfast <fejj@helixcode.com>
* providers/imap/camel-imap-utils.c (imap_parse_nstring): When
extracting a literal string, capture up until the end of the last
line - this we we don't lose any data if the byte count is off.
* providers/imap/camel-imap-command.c (imap_read_untagged): Use
the byte-read count to decrement the number of bytes left to read
rather than using strlen. Not only does this protect against a DoS
(embedded NUL chars in the literal string would make strlen
inaccurate) but it also improves performace a little.
* camel-remote-store.c (remote_recv_line): *Sigh* Return the
number of bytes read on success rather than 0. Also don't use
camel_stream_buffer_read_line since we can't get an accurate octet
count.
svn path=/trunk/; revision=6600
-rw-r--r-- | camel/ChangeLog | 4 | ||||
-rw-r--r-- | camel/providers/imap/camel-imap-utils.c | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog index 38ec264d57..734bbbe75f 100644 --- a/camel/ChangeLog +++ b/camel/ChangeLog @@ -1,5 +1,9 @@ 2000-11-17 Jeffrey Stedfast <fejj@helixcode.com> + * providers/imap/camel-imap-utils.c (imap_parse_nstring): When + extracting a literal string, capture up until the end of the last + line - this we we don't lose any data if the byte count is off. + * providers/imap/camel-imap-command.c (imap_read_untagged): Use the byte-read count to decrement the number of bytes left to read rather than using strlen. Not only does this protect against a DoS diff --git a/camel/providers/imap/camel-imap-utils.c b/camel/providers/imap/camel-imap-utils.c index b38024ecc6..0677c63555 100644 --- a/camel/providers/imap/camel-imap-utils.c +++ b/camel/providers/imap/camel-imap-utils.c @@ -637,6 +637,10 @@ imap_parse_nstring (char **str_p, int *len) *str_p = NULL; return NULL; } + + /* capture up until the end of the line - byte count may be a little off */ + for ( ; *(str + *len) != '\n'; (*len)++); + out = g_strndup (str, *len); *str_p = str + *len; return out; |