]> granicus.if.org Git - mutt/commitdiff
projects / mutt / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 85eb726)
Fix a possible buffer overflow. (This seems to be the one noticed
authorThomas Roessler <roessler@does-not-exist.org>
Tue, 10 Nov 1998 20:23:29 +0000 (20:23 +0000)
committerThomas Roessler <roessler@does-not-exist.org>
Tue, 10 Nov 1998 20:23:29 +0000 (20:23 +0000)
by Pavel Gulchouck <gul@lucky.net>.)

edit.c patch | blob | history

diff --git a/edit.c b/edit.c
index 3fe95224a7db0a073bdcc5d42b9a22610a4e829e..6cf7bd72c7cbf8578db049693f8b3d1172ae6382 100644 (file)
--- a/edit.c
+++ b/edit.c
@@ -357,7 +357,7 @@ int mutt_builtin_editor (const char *path, HEADER *msg, HEADER *cur)
          if (Context)
          {
            if (!*p && cur)
-           {
+           {
              /* include the current message */
              p = tmp + strlen (tmp) + 1;
              snprintf (tmp + strlen (tmp), sizeof (tmp) - strlen (tmp), " %d",
@@ -447,7 +447,7 @@ int mutt_builtin_editor (const char *path, HEADER *msg, HEADER *cur)
       done = 1;
     else
     {
-      strcat (tmp, "\n");
+      strncat (tmp, "\n", sizeof(tmp)); tmp[sizeof(tmp) - 1] = '\0';
       if (buflen == bufmax)
        safe_realloc ((void **)&buf, sizeof (char *) * (bufmax += 25));
       buf[buflen++] = safe_strdup (tmp[1] == '~' ? tmp + 1 : tmp);
Unnamed repository; edit this file 'description' to name the repository.