From 92921b1d3b7262eaa0fbb095cc714098b431c2f9 Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen Date: Wed, 24 Nov 2021 17:51:06 +0100 Subject: [PATCH] reject messages that grow too large due to conversion that shouldn't really be a problem, as we have 2GB of headroom, and most growth would happen when sending an all-newlines message from maildir to imap (due to CR additions), which is mostly non-critical. but better safe than sorry. --- src/sync.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/sync.c b/src/sync.c index 978521c..32d4fa1 100644 --- a/src/sync.c +++ b/src/sync.c @@ -494,6 +494,12 @@ copy_msg_convert( int in_cr, int out_cr, copy_vars_t *vars, int t ) } vars->data.len = in_len + extra; + if (vars->data.len > INT_MAX) { + warn( "Warning: message %u from %s is too big after conversion; skipping.\n", + vars->msg->uid, str_fn[1-t] ); + free( in_buf ); + return 0; + } char *out_buf = vars->data.data = nfmalloc( vars->data.len ); idx = 0; if (vars->srec) {