dovecot-2.2: lib: Fixed read buffer overflow in wildcard_match*()
dovecot at dovecot.org
dovecot at dovecot.org
Mon Jun 29 10:08:50 UTC 2015
details: http://hg.dovecot.org/dovecot-2.2/rev/740935acc0f8
changeset: 18891:740935acc0f8
user: Timo Sirainen <tss at iki.fi>
date: Mon Jun 29 13:06:03 2015 +0300
description:
lib: Fixed read buffer overflow in wildcard_match*()
Patch by Hanno Böck.
Note that input to wildard_match*() is always coming only from trusted
sources, like config file or doveadm commands.
diffstat:
src/lib/wildcard-match.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diffs (18 lines):
diff -r 85822087fe3d -r 740935acc0f8 src/lib/wildcard-match.c
--- a/src/lib/wildcard-match.c Mon Jun 29 12:05:25 2015 +0300
+++ b/src/lib/wildcard-match.c Mon Jun 29 13:06:03 2015 +0300
@@ -35,10 +35,10 @@
return ma[0] == '\0' ? MATCH : NOMATCH;
}
/* find the end of each string */
- while (*(++mask));
- mask--;
- while (*(++data));
- data--;
+ while (*(mask++));
+ mask-=2;
+ while (*(data++));
+ data-=2;
while (data >= na) {
/* If the mask runs out of chars before the string, fall back on
More information about the dovecot-cvs
mailing list