On Jun 12, 2004, at 10:05 AM, qmailadmin user wrote:
In user.c #916 change while( tmpstr != NULL && count < 5) { to while( tmpstr != NULL && count < MAX_FORWARDS) {
IMHO this should make that constant easier for do-it-yourselfers to find and modify.
This is a good idea, but we would need to watch out for buffer overflows. I think that the code assumes it can fit the entire lists of forwards into an arbitrarily-sized buffer. It would be better to have the size of the buffer based on MAX_FORWARDS * (MAX_ADDRESS_SIZE + 1).
Here are the lines that I think need to be changed to do that. (I'm not a c prog'er so check my work ;)
The MAX_ADDRESS_SIZE was picked arbitrarily. I added 2 to it instead of 1 to accomodate the "&" and the "\n" when calculating the NewBuf size.
These changes are against qmailadmin-1.2.0
qmailadmin.h
38a39,41 > #define MAX_ADDRESS_SIZE 80 > #define MAX_FORWARDS 5 >
user.c
367c367
< static char NewBuf[156];
---
> static char NewBuf[MAX_FORWARDS * (MAX_ADDRESS_SIZE + 2)];
744c744
< static char NewBuf[156];
---
> static char NewBuf[MAX_FORWARDS * (MAX_ADDRESS_SIZE + 2)];
916c916
< while( tmpstr != NULL && count < 5) {
---
> while( tmpstr != NULL && count < MAX_FORWARDS) {
Hope that's helpful. Mike Wright
-- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
