Mercurial > dovecot > original-hg > dovecot-1.2

changeset 3218:746c309e366c HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
If transaction log record size is too large, mark the file corrupted.
author Timo Sirainen <tss@iki.fi>
date Thu, 24 Mar 2005 20:05:36 +0200
parents 23e5925c48dd
children b9e8420d979a
files src/lib-index/mail-transaction-log.c
diffstat 1 files changed, 11 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib-index/mail-transaction-log.c	Fri Mar 18 21:45:59 2005 +0200
+++ b/src/lib-index/mail-transaction-log.c	Thu Mar 24 20:05:36 2005 +0200
@@ -718,8 +718,18 @@
 			return -1;
 		}
 
-		if (file->sync_offset - file->buffer_offset + hdr_size > size)
+		if (file->sync_offset - file->buffer_offset + hdr_size > size) {
+			/* record goes outside the file we've seen. or if
+			   we're accessing the log file via unlocked mmaped
+			   memory, it may be just that the memory was updated
+			   after we checked the file size. */
+			if (file->locked || file->mmap_base == NULL) {
+				mail_transaction_log_file_set_corrupted(file,
+					"hdr.size too large (%u)", hdr_size);
+				return -1;
+			}
 			break;
+		}
 		file->sync_offset += hdr_size;
 	}
 	return 0;