Log of /trunk/Mix/Src/rfc822.c

---

Revision 27 - (view) (download) (annotate) - [select for diffs]
Modified Tue Dec 11 18:01:32 2001 UTC (11 years, 5 months ago) by rabbi
File length: 13496 byte(s)
Diff to previous 1

When quoted_string() was called with an unterminated quoted string,
buf_getc() returned -1, which was undetected by quoted_string(). Since the
buffer was already at the end, buf_getc() would continue returning -1 and
the code would keep appending 255 (signed->unsigned conversion) to the
buffer until the machine ran out of memory.

Now quoted_string will fail on an end of buffer, returning control
ultimately to select_chain. (Discovered by Nullify, fixed by Scott
Renfro.)

---

Revision 1 - (view) (download) (annotate) - [select for diffs]
Added Wed Oct 31 08:19:51 2001 UTC (11 years, 6 months ago) by rabbi
File length: 13410 byte(s)

Initial revision