use of strlcpy on overlapping source and destination
Florian Schlichting
fschlich at cis.fu-berlin.de
Wed Jan 15 17:52:08 UTC 2014
On Wed, Jan 15, 2014 at 06:09:09PM +0100, Florian Schlichting wrote:
> While testing, it occurred to me that the From address check could
> easily be improved to check for the existence of at least one character
> before the '@' (more checks are certainly possible, but better left to
> the posting filter...):
>
>
> --- a/nnrpd/post.c
> +++ b/nnrpd/post.c
> @@ -1088,7 +1088,7 @@ ARTpost(char *article, char *idbuff, bool ihave, bool *permanent)
> else
> *p++ = ' ';
> HeaderCleanFrom(frombuf);
> - p = strchr(frombuf, '@');
> + p = strchr(frombuf+1, '@');
> if (p) {
> p = strrchr(p+1, '.');
> if (!p) {
sent the mail, left the office and thought: ah, what if frombuf at that
point is an empty string? So maybe not so easy. Better scrap that part.
Florian
More information about the inn-workers
mailing list