This patch fixes the buffer overflow previously pointed by Thiago. diff -Nur imap-4.4.orig/src/ipopd/ipop2d.c imap-4.4/src/ipopd/ipop2d.c --- imap-4.4.orig/src/ipopd/ipop2d.c Thu Jun 3 18:35:15 1999 +++ imap-4.4/src/ipopd/ipop2d.c Thu Jun 3 18:37:02 1999 @@ -10,7 +10,10 @@ * Internet: MRCat_private * * Date: 28 October 1990 - * Last Edited: 13 July 1998 + * Last Edited: 3 June 1999 + * + * dumped (dumpedat_private) 3/Jun/99 : + * fixed a buffer overflow in c_fold() * * Copyright 1998 by the University of Washington * @@ -306,7 +309,8 @@ /* don't permit proxy to leave IMAP */ if (stream && stream->mailbox && (s = strchr (stream->mailbox,'}'))) { strncpy (tmp,stream->mailbox,i = (++s - stream->mailbox)); - strcpy (tmp+i,t); /* append mailbox to initial spec */ + strncpy (tmp+i,t,sizeof(tmp) - strlen(stream->mailbox)); + /* append mailbox to initial spec */ t = tmp; } /* open mailbox, note # of messages */
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:48:09 PDT