# HG changeset patch # User Timo Sirainen # Date 1111687536 -7200 # Node ID 746c309e366cb584b1ecad4903bc6001a59ac97d # Parent 23e5925c48ddd8ae6d5eca2be648c7b35216aa53 If transaction log record size is too large, mark the file corrupted. diff -r 23e5925c48dd -r 746c309e366c src/lib-index/mail-transaction-log.c --- a/src/lib-index/mail-transaction-log.c Fri Mar 18 21:45:59 2005 +0200 +++ b/src/lib-index/mail-transaction-log.c Thu Mar 24 20:05:36 2005 +0200 @@ -718,8 +718,18 @@ return -1; } - if (file->sync_offset - file->buffer_offset + hdr_size > size) + if (file->sync_offset - file->buffer_offset + hdr_size > size) { + /* record goes outside the file we've seen. or if + we're accessing the log file via unlocked mmaped + memory, it may be just that the memory was updated + after we checked the file size. */ + if (file->locked || file->mmap_base == NULL) { + mail_transaction_log_file_set_corrupted(file, + "hdr.size too large (%u)", hdr_size); + return -1; + } break; + } file->sync_offset += hdr_size; } return 0;
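Review bot: In the new block under `if (file->sync_offset - file->buffer_offset + hdr_size > size)`, the unlocked mmap case (`file->locked` false and `file->mmap_base != NULL`) still falls through to `break` and the function returns 0, so a genuinely corrupted `hdr_size` on that path looks the same as a writer racing the size check and is never reported here. It would help to either refresh the size and re-evaluate the record before giving up, or extend the comment to say where the corruption is expected to be caught later (for example, once the file is read under lock). Two smaller points: the bounds check adds `hdr_size`, which comes from the file, to the offset difference before comparing, and the operand types are not visible in this hunk, so it is worth confirming the sum cannot wrap for a very large `hdr_size`, or rewriting the test as a comparison of `hdr_size` against the remaining bytes. Likewise, `"hdr.size too large (%u)"` assumes `hdr_size` is an unsigned int; please confirm that matches its declaration.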