On Tue 18 Feb 2014 at 16:01:04 -0800, walt wrote: > My theory ATM is that there are at least two different bugs bugging me :) > > The crash caused by the article above *may* be fixed by the change below: > > diff --git a/pan/data/article-cache.cc b/pan/data/article-cache.cc > index 0ac3d57..537504e 100644 > --- a/pan/data/article-cache.cc > +++ b/pan/data/article-cache.cc > @@ -117,7 +117,6 @@ ArticleCache :: message_id_to_filename (char * buf, int > len, const StringView& m > break; > case '<': case '>': /* these are illegal too, but rather than > encoding > them, follow the convention of omitting them > */ > - break; > default: > *out++ = *in; > break;
Looking at the surrounding code, it seems rather implausible to me that removing that "break" would prevent a crash somehow. The reverse, in fact. Without the break, the characters '<' and '>' when encountered in a message ID (and they surround it, so I presume this function will see them) will be copied into the output buffer which is used for a cache (?) file name. With the break, they are omitted. And if that buffer is exactly the right size for the name without those characters, then with the 'break' omitted it may overflow. Note that I have only looked at this bit of code in its context of the function in file article-cache.cc, and no more. So it could be wrong. (I may have been in a comment I wrote about some other software, elsewhere, so I'm going to be a bit more cautions here ;-) Note that on Unix you can perfectly well have files with < and > in them, but not on MSWindows. On Unix, the only 2 things you can't have are '/' and '\0' (although lots of characters may cause difficulties for the users). -Olaf. -- ___ Olaf 'Rhialto' Seibert -- The Doctor: No, 'eureka' is Greek for \X/ rhialto/at/xs4all.nl -- 'this bath is too hot.'
pgpJ7Tx_kn153.pgp
Description: PGP signature
_______________________________________________ Pan-users mailing list Pan-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/pan-users
