From 138baebcae334c2c222c0d0299148fe1aef0315c Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sun, 21 Aug 2011 15:07:48 +0200 Subject: Critical fix: don't embed NUL in unterminated last IMAP line. Found by Antoine Levitt. --- transact.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'transact.c') diff --git a/transact.c b/transact.c index d1e4f6a9..ec8013a5 100644 --- a/transact.c +++ b/transact.c @@ -1435,7 +1435,15 @@ int readbody(int sock, struct query *ctl, flag forward, int len) * so we might end truncating messages prematurely. */ if (!protocol->delimited && linelen > len) { + /* FIXME: HACK ALERT! This \r\n is only here to make sure the + * \n\0 hunt works later on. The \n generated here was not + * part of the original message! + * The real fix will be to use buffer + length strings, + * rather than 0-terminated C strings. */ + inbufp[len++] = '\r'; + inbufp[len++] = '\n'; inbufp[len] = '\0'; + linelen = len; } len -= linelen; -- cgit v1.2.3