[dovecot-cvs] dovecot/src/lib-index mail-transaction-log.c, 1.90,
1.91
cras at dovecot.org
cras at dovecot.org
Thu Mar 24 20:05:38 EET 2005
Update of /var/lib/cvs/dovecot/src/lib-index
In directory talvi:/tmp/cvs-serv2082
Modified Files:
mail-transaction-log.c
Log Message:
If transaction log record size is too large, mark the file corrupted.
Index: mail-transaction-log.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib-index/mail-transaction-log.c,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -d -r1.90 -r1.91
--- mail-transaction-log.c 5 Mar 2005 19:23:28 -0000 1.90
+++ mail-transaction-log.c 24 Mar 2005 18:05:36 -0000 1.91
@@ -718,8 +718,18 @@
return -1;
}
- if (file->sync_offset - file->buffer_offset + hdr_size > size)
+ if (file->sync_offset - file->buffer_offset + hdr_size > size) {
+ /* record goes outside the file we've seen. or if
+ we're accessing the log file via unlocked mmaped
+ memory, it may be just that the memory was updated
+ after we checked the file size. */
+ if (file->locked || file->mmap_base == NULL) {
+ mail_transaction_log_file_set_corrupted(file,
+ "hdr.size too large (%u)", hdr_size);
+ return -1;
+ }
break;
+ }
file->sync_offset += hdr_size;
}
return 0;
More information about the dovecot-cvs
mailing list