Fix filename length check in mime-handling
authorJeremy Harris <jgh146exb@wizmail.org>
Sun, 26 Nov 2017 15:22:38 +0000 (15:22 +0000)
committerHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Sun, 3 Dec 2017 18:50:26 +0000 (19:50 +0100)
src/src/mime.c

index 45cec29a5e72151c12c63b9dd5e06cb9abd17258..5d3505a7cd60c08fd45bef737e9d2cf42ac2c1ab 100644 (file)
@@ -490,6 +490,7 @@ while ((c = *fname))
     val = string_catn(val, fname++, 1);
 
 val = string_catn(val, US"?=", 2);
+*len = val->ptr;
 return string_from_gstring(val);
 }
 
@@ -646,9 +647,7 @@ while(1)
                  NULL, &err_msg);
                DEBUG(D_acl) debug_printf_indent("MIME:    plain-name %s\n", temp_string);
 
-               size = Ustrlen(temp_string);
-
-               if (size == slen)
+               if (!temp_string || (size = Ustrlen(temp_string))  == slen)
                  decoding_failed = TRUE;
                else
                  /* build up a decoded filename over successive