[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mutt-dev
Subject:    Re: [PATCH] Fix oob reads when fgets returns "\0".  (closes #3776)
From:       "Kevin J. McCarthy" <kevin () 8t8 ! us>
Date:       2015-09-30 3:41:20
Message-ID: 20150930034120.GB1138 () qinghai
[Download RAW message or body]


On Wed, Sep 30, 2015 at 10:51:30AM +0800, Kevin J. McCarthy wrote:
> On Tue, Sep 29, 2015 at 07:23:57PM +0200, Oswald Buddenhagen wrote:
> > at face value, these fragments look too optimistic - the last line could
> > have no trailing newline, even if erroneously. not sure if that can
> > actually happen and whether it would be a problem, as i don't know the
> > context. possibly add comments.
> 
> That's a good catch.  I want to keep this commit focused on the oob
> read, but will look at the context of those two snippets next.
> 
> It looks like they should both be changed to
>   if (len && (email[len - 1] == '\n'))
>     email[len - 1] = '\0';
> but I'll take a closer look.

After taking a closer look, this does seem to be the correct fix.

The code intended to strip newlines from the output of
`openssl x509 -in  %f -noout -email` when extracting a list of email
addresses.  I made the above change and pushed it in a separate patch.

-- 
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C  5308 ADEF 7684 8031 6BDA
http://www.8t8.us/configs/gpg-key-transition-statement.txt

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]