projects / claws.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix bug #3573: Out of bounds read in macro LBREAK_IF_REQUIRED
[claws.git] / src / codeconv.c
diff --git a/src/codeconv.c b/src/codeconv.c
index 39e259fc6bf31c9f89a591ec5e830fb6de1b3be0..11b23112c8b127fd15a653f9c8c04086ac8eec1c 100644 (file)
--- a/src/codeconv.c
+++ b/src/codeconv.c
@@ -158,7 +158,11 @@ static gint conv_jistoeuc(gchar *outbuf, gint outlen, const gchar *inbuf)
        gchar *out = outbuf;
        JISState state = JIS_ASCII;
 
-       while (*in != '\0' && (out - outbuf) > outlen - 3) {
+       /*
+        * Loop outputs up to 3 bytes in each pass (aux kanji) and we
+        * need 1 byte to terminate the output
+        */
+       while (*in != '\0' && (out - outbuf) < outlen - 4) {
                if (*in == ESC) {
                        in++;
                        if (*in == '$') {
@@ -294,7 +298,12 @@ static gint conv_euctojis(gchar *outbuf, gint outlen, const gchar *inbuf)
        gchar *out = outbuf;
        JISState state = JIS_ASCII;
 
-       while (*in != '\0' && (out - outbuf) < outlen - 3) {
+       /*
+        * Loop outputs up to 6 bytes in each pass (aux shift + aux
+        * kanji) and we need up to 4 bytes to terminate the output
+        * (ASCII shift + null)
+        */
+       while (*in != '\0' && (out - outbuf) < outlen - 10) {
                if (IS_ASCII(*in)) {
                        K_OUT();
                        *out++ = *in++;
@@ -382,6 +391,10 @@ static gint conv_sjistoeuc(gchar *outbuf, gint outlen, const gchar *inbuf)
        const guchar *in = inbuf;
        gchar *out = outbuf;
 
+       /*
+        * Loop outputs up to 2 bytes in each pass and we need 1 byte
+        * to terminate the output
+        */
        while (*in != '\0' && (out - outbuf) < outlen - 3) {
                if (IS_ASCII(*in)) {
                        *out++ = *in++;
@@ -1571,9 +1584,7 @@ gchar *conv_unmime_header(const gchar *str, const gchar *default_encoding,
                                left = MAX_LINELEN - 1;                 \
                        }                                               \
                } else if (destp == (guchar *)dest && left < 7) {       \
-                       if (isspace(*(destp - 1)))                      \
-                               destp--;                                \
-                       else if (is_plain_text && isspace(*srcp))       \
+                       if (is_plain_text && isspace(*srcp))            \
                                srcp++;                                 \
                        if (*srcp) {                                    \
                                *destp++ = '\n';                        \
Claws Mail