dovecot-2.2: message-decoder: Fixed assert-crash when trying to ...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/cf7b590d19f9
changeset: 16074:cf7b590d19f9
user:      Timo Sirainen <tss at iki.fi>
date:      Wed Feb 27 13:05:40 2013 +0200
description:
message-decoder: Fixed assert-crash when trying to decode partial character twice.

diffstat:

 src/lib-mail/message-decoder.c |  14 +++++++++++---
 1 files changed, 11 insertions(+), 3 deletions(-)

diffs (34 lines):

diff -r a46951762a27 -r cf7b590d19f9 src/lib-mail/message-decoder.c
--- a/src/lib-mail/message-decoder.c	Tue Feb 26 10:37:19 2013 +0200
+++ b/src/lib-mail/message-decoder.c	Wed Feb 27 13:05:40 2013 +0200
@@ -207,7 +207,7 @@
 {
 	unsigned char trans_buf[MAX_TRANSLATION_BUF_SIZE+1];
 	unsigned int data_wanted, skip;
-	size_t trans_size;
+	size_t trans_size, orig_size;
 
 	/* @UNSAFE: move the previously untranslated bytes to trans_buf
 	   and see if we have now enough data to get the next character
@@ -218,11 +218,19 @@
 		data_wanted = *size;
 	memcpy(trans_buf + ctx->translation_size, *data, data_wanted);
 
-	trans_size = ctx->translation_size + data_wanted;
+	orig_size = trans_size = ctx->translation_size + data_wanted;
 	(void)charset_to_utf8(ctx->charset_trans, trans_buf,
 			      &trans_size, ctx->buf2);
 
-	i_assert(trans_size > ctx->translation_size);
+	if (trans_size < ctx->translation_size) {
+		/* need more data to finish the translation. */
+		i_assert(orig_size < MAX_TRANSLATION_BUF_SIZE);
+		memcpy(ctx->translation_buf, trans_buf, orig_size);
+		ctx->translation_size = orig_size;
+		*data += *size;
+		*size = 0;
+		return;
+	}
 	skip = trans_size - ctx->translation_size;
 
 	i_assert(*size >= skip);