Mercurial > dovecot > core-2.2

changeset 18891:740935acc0f8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lib: Fixed read buffer overflow in wildcard_match*() Patch by Hanno Böck. Note that input to wildard_match*() is always coming only from trusted sources, like config file or doveadm commands.
author Timo Sirainen <tss@iki.fi>
date Mon, 29 Jun 2015 13:06:03 +0300
parents 85822087fe3d
children b268e186d029
files src/lib/wildcard-match.c
diffstat 1 files changed, 4 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib/wildcard-match.c	Mon Jun 29 12:05:25 2015 +0300
+++ b/src/lib/wildcard-match.c	Mon Jun 29 13:06:03 2015 +0300
@@ -35,10 +35,10 @@
 	  return ma[0] == '\0' ? MATCH : NOMATCH;
   }
   /* find the end of each string */
-  while (*(++mask));
-  mask--;
-  while (*(++data));
-  data--;
+  while (*(mask++));
+  mask-=2;
+  while (*(data++));
+  data-=2;
 
   while (data >= na) {
     /* If the mask runs out of chars before the string, fall back on