I need to create automatized tests which catch such cases.
So there has to be v14.2 pretty soon, and the mentioned *headline*
%n / thread sorting and selection release will be v14.3.
Aaach -- too stupid to add this pure code slacking commit shortly
before the release, *damn*.

Date:   2013-03-14 19:47:05 +0100

    mime_fromhdr(): never return NULL output..
    
    S-nail 14.1 can be crashed with an empty header field; i thought
    this ends up as NULL/non-existent, but no, it doesn't.
    Therefore we try to terminate a non-existent buffer, which ends
    up as a SEGV.
    
    Also, mime_fromhdr() *must* return with a *terminated*, *newly
    allocated* buffer to satisfy its callers, so just do so.
    This is XXX, of course.
    
    Excuse:
        With the head at the Unicode stuff that i'm about to do
        i wanted to get that thing into the release, and obviously did
        a premature commit.  And here it is what happens.
---
 cmd1.c |    7 +++----
 mime.c |   11 +++++++++--
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/cmd1.c b/cmd1.c
index 4c582dd..4000afa 100644
--- a/cmd1.c
+++ b/cmd1.c
@@ -460,10 +460,9 @@ jdate_set:
                date = fakedate(datet);
        }
 
-       if ((subjline = hfield1("subject", mp)) == NULL) {
-               out.s = NULL;
-               out.l = 0;
-       } else {
+       out.s = NULL;
+       out.l = 0;
+       if ((subjline = hfield1("subject", mp)) != NULL) {
                in.s = subjline;
                in.l = strlen(subjline);
                mime_fromhdr(&in, &out, TD_ICONV | TD_ISPR);
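Review bot: in this cmd1.c hunk the no-subject path still ends with `out.s == NULL` after the hoisted `out.s = NULL; out.l = 0;`, so the code below sees two different states: NULL when `hfield1("subject", mp)` finds nothing, and an allocated, terminated buffer when `mime_fromhdr()` ran. The consumer of `out` lies below the visible context, so please confirm that every read or termination of `out.s` either sits inside the `!= NULL` branch or checks for NULL first. A regression test with a message whose Subject field is present but empty, plus one with no Subject at all, would pin both paths down.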
diff --git a/mime.c b/mime.c
index 0e5ab7f..35babe9 100644
--- a/mime.c
+++ b/mime.c
@@ -892,9 +892,15 @@ mime_fromhdr(struct str const *in, struct str *out, enum 
tdflags flags)
        iconv_t fhicd = (iconv_t)-1;
 #endif
 
-       tcs = charset_get_lc();
-       out->s = NULL;
        out->l = 0;
+       if (in->l == 0) {
+               *(out->s = smalloc(1)) = '\0';
+               goto jleave;
+       }
+       out->s = NULL;
+
+       tcs = charset_get_lc();
+
        upper = in->s + in->l;
        for (p = in->s; p < upper;) {
                op = p;
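Review bot: the new guard in mime_fromhdr() covers only `in->l == 0`, and `out->s = NULL` is still assigned right after it for every other input, so the "never return NULL output" promise from the commit message is enforced at one entry condition rather than at the function's exit. Consider checking at `fromhdr_end` that `out->s` is non-NULL and terminated, and stating the contract (terminated, newly allocated, caller frees) in a comment above the function. On style, `*(out->s = smalloc(1)) = '\0';` packs allocation and termination into one expression; two statements would be easier to read. The `goto jleave` itself is safe with respect to cleanup, since `fhicd` is still `(iconv_t)-1` at that point.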
@@ -998,6 +1004,7 @@ fromhdr_end:
        if (fhicd != (iconv_t)-1)
                n_iconv_close(fhicd);
 #endif
+jleave:
        return;
 }
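Review bot: `jleave:` is correctly placed after the `#endif`, since it must exist in builds without iconv, but nothing documents that it is only valid for paths that never opened `fhicd`. A short comment at the label saying so would keep a later change from routing an error path with an open conversion descriptor to it and skipping `n_iconv_close(fhicd)`.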
 

--steffen

_______________________________________________
nail-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nail-devel