changeset 4997:b76f864f0e0b HEAD

When searching MIME body headers, make sure we don't go out of bounds with broken MIME messages and cause assert-crash.
author Timo Sirainen <tss@iki.fi>
date Tue, 09 Jan 2007 22:19:32 +0200
parents cfef56a6bf4a
children f37c7895eb8f
files src/lib-mail/message-body-search.c
diffstat 1 files changed, 8 insertions(+), 2 deletions(-) [+]
--- a/src/lib-mail/message-body-search.c	Tue Jan 09 13:40:07 2007 +0200
+++ b/src/lib-mail/message-body-search.c	Tue Jan 09 22:19:32 2007 +0200
@@ -100,7 +100,8 @@
 }
 
 static bool message_search_header(struct part_search_context *ctx,
-				  struct istream *input)
+				  struct istream *input,
+				  const struct message_part *part)
 {
 	struct header_search_context *hdr_search_ctx;
 	struct message_header_parser_ctx *hdr_ctx;
@@ -117,6 +118,10 @@
 	/* we default to text content-type */
 	ctx->content_type_text = TRUE;
 
+	input = i_stream_create_limit(default_pool, input, part->physical_pos,
+				      part->header_size.physical_size);
+	i_stream_seek(input, 0);
+
 	hdr_ctx = message_parse_header_init(input, NULL, TRUE);
 	while ((ret = message_parse_header_next(hdr_ctx, &hdr)) > 0) {
 		if (hdr->eoh)
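Review bot: The added `input = i_stream_create_limit(...)` line overwrites the `input` parameter, so from that point the name refers to a wrapper this function owns and must destroy, not the caller's stream. A separate local would make that ownership explicit: `struct istream *hdr_input = i_stream_create_limit(default_pool, input, part->physical_pos, part->header_size.physical_size);`, with `hdr_input` then passed to `i_stream_seek()`, `message_parse_header_init()` and the destroy call in the later hunk. A short comment above it would record why the limit exists, e.g. `/* parse only this part's header range, so a broken MIME structure can't make the header parser read past it */`. The function body starts before and continues after this hunk.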
@@ -156,6 +161,7 @@
 	}
 	i_assert(ret != 0);
 	message_parse_header_deinit(&hdr_ctx);
+	i_stream_destroy(&input);
 
 	return found;
 }
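Review bot: `i_assert(ret != 0)` stays in place just above the added `i_stream_destroy(&input)`, and it still runs on data derived from the message being searched, which can be malformed. The hunk does not show why `message_parse_header_next()` can no longer return 0 here; presumably the limit stream now always ends the loop with a negative value, but that should be confirmed. If it holds, a comment would record the invariant, e.g. `/* input is limited to the part's header, so the parser ends with ret < 0, never 0 */`; if it does not, returning a failure is safer than asserting on message content. The loop body between the hunks is not visible here, so any early return in it would also need to destroy the limit stream.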
@@ -401,7 +407,7 @@
 
 		t_push();
 
-		if (message_search_header(&part_ctx, input)) {
+		if (message_search_header(&part_ctx, input, part)) {
 			/* found / invalid search key */
 			ret = 1;
 		} else if (part->children != NULL) {