From d9cfb9960dd1f39861e592d5eef4589810f2cb48 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sun, 29 Mar 2020 00:38:37 +0100 Subject: Fix garbage at end of plugin string with %h and/or %p Commit 418cda65 from merge request !5 fixed an input buffer overrun but at the same time caused the terminating NUL byte in the output buffer to be written too late, 2 bytes per placeholder. Fix the size calculation for correctness, and use the output index and not the output length to terminate the output string. Fixes #16, reported by Stefan Thurner. [All references for Gitlab.] --- NEWS | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'NEWS') diff --git a/NEWS b/NEWS index c9c86b54..a4f8b40b 100644 --- a/NEWS +++ b/NEWS @@ -65,6 +65,16 @@ removed from a 6.5.0 or newer release.) -------------------------------------------------------------------------------- +fetchmail-6.4.3 (WIP) + +## BUGFIX: +* fetchmail terminated the placeholder command string too late and included + garbage from the heap at the end of the string. Workaround: don't use place- + holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging + Gitlab merge request !5 in order to fix an input buffer overrun. + Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd. + Reported by Stefan Thurner. + fetchmail-6.4.2 (released 2020-02-14, 27473 LoC): ## BREAKING CHANGES: -- cgit v1.2.3
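Review bot: In the new fetchmail-6.4.3 NEWS entry, the workaround sentence splits "placeholders" across the line wrap as "place-" and "holders", so a search of NEWS for that word misses the only line that tells users what to avoid; rewrap so the word stays whole. The entry names merge request !5 and the faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd but leaves out the issue the commit message cites (Fixes #16), and it says the bug was added in 6.4.0 without naming the last affected release (6.4.2, the entry directly below), so a reader has to work out the affected range. Since the text says heap garbage ended up at the end of the command string built from --plugin, one more sentence on what is done with that string would let packagers judge how urgent the update is.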