Mercurial > dovecot > original-hg > dovecot-2.1
changeset 14928:cf7b590d19f9
message-decoder: Fixed assert-crash when trying to decode partial character twice.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 27 Feb 2013 13:05:40 +0200 |
| parents | a46951762a27 |
| children | 311371856dcf |
| files | src/lib-mail/message-decoder.c |
| diffstat | 1 files changed, 11 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-mail/message-decoder.c Tue Feb 26 10:37:19 2013 +0200 +++ b/src/lib-mail/message-decoder.c Wed Feb 27 13:05:40 2013 +0200 @@ -207,7 +207,7 @@ { unsigned char trans_buf[MAX_TRANSLATION_BUF_SIZE+1]; unsigned int data_wanted, skip; - size_t trans_size; + size_t trans_size, orig_size; /* @UNSAFE: move the previously untranslated bytes to trans_buf and see if we have now enough data to get the next character @@ -218,11 +218,19 @@ data_wanted = *size; memcpy(trans_buf + ctx->translation_size, *data, data_wanted); - trans_size = ctx->translation_size + data_wanted; + orig_size = trans_size = ctx->translation_size + data_wanted; (void)charset_to_utf8(ctx->charset_trans, trans_buf, &trans_size, ctx->buf2); - i_assert(trans_size > ctx->translation_size); + if (trans_size < ctx->translation_size) { + /* need more data to finish the translation. */ + i_assert(orig_size < MAX_TRANSLATION_BUF_SIZE); + memcpy(ctx->translation_buf, trans_buf, orig_size); + ctx->translation_size = orig_size; + *data += *size; + *size = 0; + return; + } skip = trans_size - ctx->translation_size; i_assert(*size >= skip);