From: Peter Wu <peter@lekensteyn.nl>
Date: Tue, 10 Feb 2015 17:29:24 +0000 (+0100)
Subject: Fix buffer underread for empty header values. (closes #3736)
X-Git-Tag: neomutt-20160307~80^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=dbdcdc465e8f0e1509d6c7516daab249baa5a8a4;p=neomutt

Fix buffer underread for empty header values. (closes #3736)

When a header has no value (*p == '\0' so l == 0), do not read outside
the buffer but print the newline anyway when a tag is already printed
(col != 0).

Caught by ASAN while opening a draft with no Subject.
---

diff --git a/sendlib.c b/sendlib.c
index f364f9f1e..9a3242ba0 100644
--- a/sendlib.c
+++ b/sendlib.c
@@ -1728,7 +1728,7 @@ static int fold_one_header (FILE *fp, const char *tag, const char *value,
 
   /* if we have printed something but didn't \n-terminate it, do it
    * except the last word we printed ended in \n already */
-  if (col && buf[l - 1] != '\n')
+  if (col && (l == 0 || buf[l - 1] != '\n'))
     if (putc ('\n', fp) == EOF)
       return -1;