On 2026-06-19T15:46:44+0800, Kevin J. McCarthy wrote:
> Previously, if "b" was length 127, the loop would terminate after
> copying bytes 0..125. The final for loop increment would set i=126.
> Then, "tmp[i+1] = 0" would nul-terminate the string at byte 127. So
> byte 126 would be unset.
>
> Note that since none of the Capabilities mutt were passing are that
> long, the bug wouldn't matter, but it was a confusing and buggy
> function in any case. :D
>
> Thanks to Acts1631 for the bug report.
>
> Thanks to Alejandro Colomar for his discussion and proposed patches,
> which motivated the use of strcspn() here, along with defining
> ASCII_WS.
>
> Also thanks to Kurt Hackenberg and Ian Collier for their discussion
> and proposals, leading to the removal of the tmp[] array completely.
> ---
>
> I'm tossing this out for review. I have compiled and tested it, but
> I'm tired enough that I probably shouldn't be sending patches right now.
>
> But I'll email this out for semi-official review, and I will take
> another look and test it a bit more over the next few days!
>
> imap/util.c | 23 ++++++-----------------
> lib.h | 1 +
> 2 files changed, 7 insertions(+), 17 deletions(-)
>
> diff --git a/imap/util.c b/imap/util.c
> index 9b6ef7b4..66b41917 100644
> --- a/imap/util.c
> +++ b/imap/util.c
> @@ -880,26 +880,15 @@ void imap_unmunge_mbox_name(IMAP_DATA *idata, char *s)
> FREE(&buf);
> }
>
> -/* imap_wordcasecmp: find word a in word list b */
> +/* imap_wordcasecmp: compares word a against the initial ASCII_WS
> + * delimited word in word list b */
> int imap_wordcasecmp(const char *a, const char *b)
> {
> - char tmp[SHORT_STRING];
> - const char *s = b;
> - int i;
> + size_t a_len, b_len;
>
> - tmp[SHORT_STRING-1] = 0;
> - for (i=0;i < SHORT_STRING-2;i++,s++)
> - {
> - if (!*s || IS_ASCII_WS(*s))
> - {
> - tmp[i] = 0;
> - break;
> - }
> - tmp[i] = *s;
> - }
> - tmp[i+1] = 0;
> -
> - return ascii_strcasecmp(a, tmp);
> + a_len = mutt_strlen(a);
> + b_len = b ? strcspn(b, ASCII_WS) : 0;
> + return ascii_strncasecmp(a, b, MAX(a_len, b_len));Reviewed-by: Alejandro Colomar <[email protected]> > } > > /* > diff --git a/lib.h b/lib.h > index 830459d6..72e3a498 100644 > --- a/lib.h > +++ b/lib.h > @@ -113,6 +113,7 @@ > * 0x09-0x0d (\t \n \v \f \r) > * 0x20 (space) > */ > +#define ASCII_WS " \t\n\v\f\r" > #define IS_ASCII_WS(c) ((9 <= (c) && (c) <= 13) || (c) == 32) > > #define SKIP_ASCII_WS(c) while (IS_ASCII_WS(*(c))) c++; > -- > 2.54.0 > -- <https://www.alejandro-colomar.es>
signature.asc
Description: PGP signature
