Mercurial > dovecot > core-2.2
changeset 18891:740935acc0f8
lib: Fixed read buffer overflow in wildcard_match*()
Patch by Hanno Böck.
Note that input to wildard_match*() is always coming only from trusted
sources, like config file or doveadm commands.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 29 Jun 2015 13:06:03 +0300 |
parents | 85822087fe3d |
children | b268e186d029 |
files | src/lib/wildcard-match.c |
diffstat | 1 files changed, 4 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib/wildcard-match.c Mon Jun 29 12:05:25 2015 +0300 +++ b/src/lib/wildcard-match.c Mon Jun 29 13:06:03 2015 +0300 @@ -35,10 +35,10 @@ return ma[0] == '\0' ? MATCH : NOMATCH; } /* find the end of each string */ - while (*(++mask)); - mask--; - while (*(++data)); - data--; + while (*(mask++)); + mask-=2; + while (*(data++)); + data-=2; while (data >= na) { /* If the mask runs out of chars before the string, fall back on