diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2005-12-08 12:02:48 +0000 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2005-12-08 12:02:48 +0000 |
| commit | b3f58d5f75da9c28129972ce2343f423afadb5ff (patch) | |
| tree | e9f247243fd8a1b7bac463ad2115d90b42d380b6 /driver.c | |
| parent | 7c86b3e1104b542a78984a596200cf759a5f3623 (diff) | |
| download | fetchmail-b3f58d5f75da9c28129972ce2343f423afadb5ff.tar.gz fetchmail-b3f58d5f75da9c28129972ce2343f423afadb5ff.tar.bz2 fetchmail-b3f58d5f75da9c28129972ce2343f423afadb5ff.zip | |
Plug potential memory and socket leak when polling multiple folders or when the upstream sends bogus message sizes. Patch by Sunil Shetye.
svn path=/branches/BRANCH_6-3/; revision=4527
Diffstat (limited to 'driver.c')
| -rw-r--r-- | driver.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -1373,7 +1373,8 @@ is restored.")); if (count > INT_MAX/sizeof(int)) { report(stderr, GT_("bogus message count!")); - return(PS_PROTOCOL); + err = PS_PROTOCOL; + goto cleanUp; } /* @@ -1389,6 +1390,7 @@ is restored.")); if (proto->getsizes && !(proto->getpartialsizes && NUM_NONZERO(ctl->fetchsizelimit))) { + xfree(msgsizes); msgsizes = xmalloc(sizeof(int) * count); for (i = 0; i < count; i++) msgsizes[i] = 0; |