Re: svn r486, crash while handling f=f mail

Hi,

* Daniel Vrcic [05-09-08 19:14:22 +0200] wrote:

> The problem is in rfc3676.c, on line 202 and 203. Mentioned line causes
> curline_len + buf_len - buf_off to be equal 0 which causes curline
> pointer to point to the NULL. In the next line (203) strcpy is trying to
> copy to the NULL pointer which leads to SIGSEGV signal.

Does that tell you a debugger? curline_len is always set to 1 so even if 
buf_len == buf_off, the result will be 1. Maybe I'm blind but I don't 
see how buf_len and/or buf_off can turn negative... Can please do two 
things:

- forward such a mail to the devel list

- and see if the attached patch helps (it solves the only problem I see 
  so far) though I doubt it

IMHO it's better to take this to devel...

  bye, Rocco
--
:wq!

patch1.diff
Description: Text document