http://bugzilla.spamassassin.org/show_bug.cgi?id=3212
------- Additional Comments From [EMAIL PROTECTED] 2004-03-30 19:45 -------
stupid C and it's memory handling! ;) nice catch though.
original:
if (m->out != NULL && m->out != m->raw)
free(m->out);
if (m->raw != NULL)
free(m->raw);
could be changed to:
if (m->out != NULL && m->pre != NULL && m->out != m->pre+m->pre_len)
free(m->out);
if (m->raw != NULL)
free(m->raw);
from my investigation of the code, m->out will end up getting a malloc() call
which will keep it out of
the way of m->pre and m->pre_len. but as far as I can tell, m->pre and
m->pre_len only get defined
and set in message_read_bsmtp, so in theory, they should be safe.
thoughts?
BTW: as a clarification for the above... by default, raw=null, out=null,
pre=null, pre_len=0. in
message_read_raw, out=raw. in message_read_bsmtp, out=raw+i, pre=raw,
pre_len=i. so in theory, if
pre==null, then out==raw, so don't free. if pre!=null, we can see if
out==pre+pre_len, which would
be the same as out==raw+i, which is how it's set in message_read_bsmtp.
so I think that's all right, but my C is very rusty.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
