List: kmail-devel
Subject: Re: [Bug 121650] Crash when opening an spam mail from imap
From: Allen Winter <winter () kde ! org>
Date: 2006-08-29 19:06:32
Message-ID: 200608291506.32525.winter () kde ! org
On Tuesday 29 August 2006 14:22, Ingo Klöcker wrote:
> On Tuesday 29 August 2006 15:43, Allen Winter wrote:
> > On Tuesday 29 August 2006 09:23, Ingo Klöcker wrote:
> > > On Tuesday, 29 August 2006 14:41, Allen Winter wrote:
> > > > --- branches/KDE/3.5/kdepim/kmail/kmmessage.cpp #578484:578485
> > > > @ -3985,6 +3985,9 @
> > > >
> > > > //---------------------------------------------------------------
> > > >---- ---------- void KMMessage::updateBodyPart(const QString
> > > > partSpecifier, const QByteArray & data) {
> > > > + if ( !data.data() || !data.size() )
> > > > + return;
> > > > +
> > > > DwString content( data.data(), data.size() );
> > > > if ( numBodyParts() > 0 &&
> > > > partSpecifier != "0" &&
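Review bot: the new guard at the top of updateBodyPart, `if ( !data.data() || !data.size() ) return;`, rejects only null or empty input, so a `data` of size 1 still reaches `DwString content( data.data(), data.size() )` and any later code that assumes at least two bytes. The reply below places the crash at `content.resize( content.length()-2 )`, which this check does not protect for that size. Consider clamping at the resize itself or testing for the minimum length the function actually needs, and add a comment saying why the function returns without updating the body part, since the silent early return otherwise hides whatever produced the short data.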
> > >
> > > This fix doesn't look correct. According to the backtrace the crash
> > > happens in the line
> > > content.resize( content.length()-2 );
> > > because of an integer underflow. DwString::resize() is called with
> > > length aLen=4294967295 (see stack frame #12).
> > >
> > > A better fix would be something like
> > > content.resize( QMAX( content.length(), 2 ) - 2 );
> >
> > But content seems hosed because the constructor is getting bogus
> > data().
>
> Don't know. It seems that data is of size 1 (because 1-2 == -1 ==
> 4294967295 in uint32). The comment before the resize, i.e. "get rid of
> EOL", seems to suggest that data should at least contain CRLF. Maybe
> for some reason the IMAP server doesn't add a trailing CRLF? Or it only
> adds an LF (which would be a violation of the IMAP spec which demands
> CRLF-line-endings)? I'm not sure whether it's worth looking further
> into this since the crash seems to be fixed now.
>
Ahh.. so that makes sense.
I'm concerned then that we might be stripping 1 extra char if an LF only is sent.
Basically we want to strip off trailing whitespace... do you agree?
Too bad we have a DwString and not a QString.
--
KDE: Same Thing We Do Everyday... Try to Conquer the World
_______________________________________________
KMail developers mailing list
KMail-devel@kde.org
https://mail.kde.org/mailman/listinfo/kmail-devel
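
The length arithmetic discussed in this thread, as an added example that is not part of the original messages or of the KMail source: it compares the wrapping `length - 2`, the `QMAX` clamp, and a strip that removes exactly one trailing line ending. `std::string` stands in for `DwString`, and the function names are hypothetical.

```cpp
#include <algorithm>
#include <cstdint>
#include <iostream>
#include <string>

// Length arithmetic as in the crashing line: unsigned, so 1 - 2 wraps around.
std::uint32_t naiveNewLength(std::uint32_t len) { return len - 2; }

// The clamp suggested in the thread: QMAX( len, 2 ) - 2, which never wraps.
std::uint32_t clampedNewLength(std::uint32_t len) {
    return std::max<std::uint32_t>(len, 2) - 2;
}

// Alternative: remove exactly one trailing line ending, in whichever form
// it arrived, and nothing else. std::string is an assumed stand-in for DwString.
std::string stripOneEol(std::string s) {
    if (s.size() >= 2 && s.compare(s.size() - 2, 2, "\r\n") == 0)
        s.resize(s.size() - 2);          // CRLF: drop two bytes
    else if (!s.empty() && s.back() == '\n')
        s.resize(s.size() - 1);          // bare LF: drop one byte only
    return s;
}

int main() {
    // Constructed sample bodies: CRLF-terminated, LF-only, one byte, empty.
    const std::string samples[] = {"body\r\n", "body\n", "\n", ""};
    for (const std::string &s : samples) {
        std::uint32_t len = static_cast<std::uint32_t>(s.size());
        std::cout << "len=" << len
                  << " naive=" << naiveNewLength(len)
                  << " clamped=" << clampedNewLength(len)
                  << " stripped=" << stripOneEol(s).size() << "\n";
    }
    return 0;
}
```

For the LF-only sample the clamp yields a new length of 3, which drops the last content byte along with the LF, while the exact strip keeps all four content bytes.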