diff options
author | Jeffrey Stedfast <fejj@ximian.com> | 2002-08-02 04:20:21 +0800 |
---|---|---|
committer | Jeffrey Stedfast <fejj@src.gnome.org> | 2002-08-02 04:20:21 +0800 |
commit | d919cede4f6616a3b3d03fe80579ab26586b6f36 (patch) | |
tree | dadf2dd9bd58afd2d0b3901bd1b25d3064137864 | |
parent | fe2c641f4dc2ee614274134f6047384ab7b1b97e (diff) | |
download | gsoc2013-evolution-d919cede4f6616a3b3d03fe80579ab26586b6f36.tar.gz gsoc2013-evolution-d919cede4f6616a3b3d03fe80579ab26586b6f36.tar.zst gsoc2013-evolution-d919cede4f6616a3b3d03fe80579ab26586b6f36.zip |
Do more error checking to prevent crashing if we fail to read a string for
2002-08-01 Jeffrey Stedfast <fejj@ximian.com>
* camel-folder-summary.c (message_info_load): Do more error
checking to prevent crashing if we fail to read a string for
example.
svn path=/trunk/; revision=17672
-rw-r--r-- | camel/ChangeLog | 6 | ||||
-rw-r--r-- | camel/camel-folder-summary.c | 72 |
2 files changed, 50 insertions, 28 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog index ed4b1c1477..a100de7cd7 100644 --- a/camel/ChangeLog +++ b/camel/ChangeLog @@ -1,3 +1,9 @@ +2002-08-01 Jeffrey Stedfast <fejj@ximian.com> + + * camel-folder-summary.c (message_info_load): Do more error + checking to prevent crashing if we fail to read a string for + example. + 2002-07-29 Peter Williams <peterw@ximian.com> Fix bug #28238 diff --git a/camel/camel-folder-summary.c b/camel/camel-folder-summary.c index b7024ec84e..82571e7632 100644 --- a/camel/camel-folder-summary.c +++ b/camel/camel-folder-summary.c @@ -1693,50 +1693,66 @@ message_info_load(CamelFolderSummary *s, FILE *in) #endif mi->content = NULL; - - camel_file_util_decode_fixed_int32(in, &mi->message_id.id.part.hi); - camel_file_util_decode_fixed_int32(in, &mi->message_id.id.part.lo); - - if (camel_file_util_decode_uint32(in, &count) == -1 || count > 500) + + /* decode the message-id */ + if (camel_file_util_decode_fixed_int32 (in, &mi->message_id.id.part.hi) == -1) goto error; - + if (camel_file_util_decode_fixed_int32 (in, &mi->message_id.id.part.lo) == -1) + goto error; + + /* decode the references count */ + if (camel_file_util_decode_uint32 (in, &count) == -1 || count > 500) + goto error; + if (count > 0) { + /* decode the references */ mi->references = g_malloc(sizeof(*mi->references) + ((count-1) * sizeof(mi->references->references[0]))); mi->references->size = count; - for (i=0;i<count;i++) { - camel_file_util_decode_fixed_int32(in, &mi->references->references[i].id.part.hi); - camel_file_util_decode_fixed_int32(in, &mi->references->references[i].id.part.lo); + for (i = 0; i < count; i++) { + if (camel_file_util_decode_fixed_int32 (in, &mi->references->references[i].id.part.hi) == -1) + goto error; + if (camel_file_util_decode_fixed_int32 (in, &mi->references->references[i].id.part.lo) == -1) + goto error; } } - - if (camel_file_util_decode_uint32(in, &count) == -1 || count > 500) + + if (camel_file_util_decode_uint32 (in, &count) == -1 || count > 500) goto error; - - for (i=0;i<count;i++) { + + /* decode the user-flags */ + for (i = 0; i < count; i++) { char *name; - camel_file_util_decode_string(in, &name); - camel_flag_set(&mi->user_flags, name, TRUE); - g_free(name); + + if (camel_file_util_decode_string (in, &name) == -1) + goto error; + + camel_flag_set (&mi->user_flags, name, TRUE); + g_free (name); } - - if (camel_file_util_decode_uint32(in, &count) == -1 || count > 500) + + if (camel_file_util_decode_uint32 (in, &count) == -1 || count > 500) goto error; - - for (i=0;i<count;i++) { + + /* decode the user-tags */ + for (i = 0; i < count; i++) { char *name, *value; - camel_file_util_decode_string(in, &name); - camel_file_util_decode_string(in, &value); - camel_tag_set(&mi->user_tags, name, value); - g_free(name); - g_free(value); + + if (camel_file_util_decode_string (in, &name) == -1) + goto error; + if (camel_file_util_decode_string (in, &value) == -1) + goto error; + + camel_tag_set (&mi->user_tags, name, value); + g_free (name); + g_free (value); } - + if (!ferror(in)) return mi; - + error: camel_folder_summary_info_free(s, mi); - + return NULL; } |