dovecot-2.1-pigeonhole: lib-sieve: Fixed code block read bounds ...
pigeonhole at rename-it.nl
pigeonhole at rename-it.nl
Sun Sep 15 18:48:31 EEST 2013
details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/0ad4ca692650
changeset: 1696:0ad4ca692650
user: Stephan Bosch <stephan at rename-it.nl>
date: Sun Sep 15 17:47:53 2013 +0200
description:
lib-sieve: Fixed code block read bounds checking.
diffstat:
src/lib-sieve/sieve-binary-code.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (30 lines):
diff -r c20d078d0cf4 -r 0ad4ca692650 src/lib-sieve/sieve-binary-code.c
--- a/src/lib-sieve/sieve-binary-code.c Sun Sep 15 12:19:10 2013 +0200
+++ b/src/lib-sieve/sieve-binary-code.c Sun Sep 15 17:47:53 2013 +0200
@@ -214,7 +214,7 @@
((const int8_t *) (&_code[*address]))
#define ADDR_BYTES_LEFT(address) \
- ((_code_size) - (*address))
+ ((*address) > _code_size ? 0 : ((_code_size) - (*address)))
#define ADDR_JUMP(address, offset) \
(*address) += offset
@@ -350,7 +350,7 @@
ADDR_CODE_READ(sblock);
- if ( ADDR_BYTES_LEFT(address) <= 0 )
+ if ( ADDR_BYTES_LEFT(address) == 0 )
return FALSE;
(*offset_r) = code = ADDR_DATA_AT(address);
@@ -382,7 +382,7 @@
if ( objs->count == 1 )
return objs->objects;
- if ( ADDR_BYTES_LEFT(address) <= 0 )
+ if ( ADDR_BYTES_LEFT(address) == 0 )
return NULL;
code = ADDR_DATA_AT(address);
More information about the dovecot-cvs
mailing list