rra at stanford.edu
Mon Jun 6 05:10:21 UTC 2005
Chris Caputo <ccaputo at alt.net> writes:
> Hi. I hope it is okay to send a patch to this list.
> I believe there is a bug in nnrpd/article.c:GetHeader().
> The "limit" var is being used for two different purposes. One being to
> keep the strncasecmp() from accessing data beyond the end of the line.
> The second being to keep various loop vars from going beyond the end of
> the line.
> At present, limit is set to be a number of characters (size of quest
> header) before the end of the message. This is good for the
> strncasecmp() scan but bad for the various single character scans.
> This is normally not a problem except when the header being searched for
> is the last header in a message which has a small or empty body (such as
> a cancel msg).
> The patch below creates a "limit" for the various single character scans
> and a "cmplimit" for just the strncasecmp() scan.
Good catch. Thanks! Applied.
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers