From 083d09f5b53508ba346f1a6bedfe449bfaadd3c4 Mon Sep 17 00:00:00 2001
From: Ricardo Mones <mones@claws-mail.org>
Date: Wed, 19 Sep 2012 22:50:44 +0000
Subject: [PATCH] 2012-09-19 [mones]	3.8.1cvs67

	* src/mainwindow.c
		Remove spurious parameter from get_url_part and
		fix potential buffer overflow
---
 ChangeLog        |  6 ++++++
 PATCHSETS        |  1 +
 configure.ac     |  2 +-
 src/mainwindow.c | 12 ++++++------
 4 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index b2e977097..aa8da2cfa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2012-09-19 [mones]	3.8.1cvs67
+
+	* src/mainwindow.c
+		Remove spurious parameter from get_url_part and
+		fix potential buffer overflow
+
 2012-09-19 [colin]	3.8.1cvs66
 
 	* src/addressbook.c
diff --git a/PATCHSETS b/PATCHSETS
index 381084730..60368afd0 100644
--- a/PATCHSETS
+++ b/PATCHSETS
@@ -4441,3 +4441,4 @@
 ( cvs diff -u -r 1.274.2.351 -r 1.274.2.352 src/mainwindow.c;  cvs diff -u -r 1.105.2.176 -r 1.105.2.177 src/prefs_account.c;  cvs diff -u -r 1.1.2.33 -r 1.1.2.34 src/prefs_compose_writing.c;  cvs diff -u -r 1.1.2.23 -r 1.1.2.24 src/prefs_logging.c;  cvs diff -u -r 1.1.2.36 -r 1.1.2.37 src/prefs_message.c;  cvs diff -u -r 1.1.2.48 -r 1.1.2.49 src/prefs_msg_colors.c;  cvs diff -u -r 1.1.2.47 -r 1.1.2.48 src/prefs_other.c;  cvs diff -u -r 1.1.2.31 -r 1.1.2.32 src/prefs_receive.c;  cvs diff -u -r 1.1.2.71 -r 1.1.2.72 src/prefs_summaries.c;  cvs diff -u -r 1.1.2.25 -r 1.1.2.26 src/prefs_wrapping.c;  cvs diff -u -r 1.9.2.56 -r 1.9.2.57 src/common/ssl.c;  cvs diff -u -r 1.9.2.82 -r 1.9.2.83 src/gtk/gtkaspell.c;  ) > 3.8.1cvs64.patchset
 ( cvs diff -u -r 1.28.2.50 -r 1.28.2.51 src/addrindex.c;  cvs diff -u -r 1.14.2.64 -r 1.14.2.65 src/editaddress.c;  cvs diff -u -r 1.8.2.46 -r 1.8.2.47 src/editldap.c;  cvs diff -u -r 1.5.2.32 -r 1.5.2.33 src/exporthtml.c;  cvs diff -u -r 1.18.2.36 -r 1.18.2.37 src/jpilot.c;  cvs diff -u -r 1.49.2.150 -r 1.49.2.151 src/procmime.c;  cvs diff -u -r 1.1.2.43 -r 1.1.2.44 src/plugins/bogofilter/bogofilter_gtk.c;  cvs diff -u -r 1.1.2.38 -r 1.1.2.39 src/plugins/pgpcore/prefs_gpg.c;  cvs diff -u -r 1.1.2.12 -r 1.1.2.13 src/plugins/smime/smime.c;  cvs diff -u -r 1.23.2.60 -r 1.23.2.61 src/plugins/spamassassin/spamassassin_gtk.c;  ) > 3.8.1cvs65.patchset
 ( cvs diff -u -r 1.60.2.151 -r 1.60.2.152 src/addressbook.c;  cvs diff -u -r 1.3.2.12 -r 1.3.2.13 src/addrselect.c;  ) > 3.8.1cvs66.patchset
+( cvs diff -u -r 1.274.2.352 -r 1.274.2.353 src/mainwindow.c;  ) > 3.8.1cvs67.patchset
diff --git a/configure.ac b/configure.ac
index 7770aec5d..2c7800b5b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -12,7 +12,7 @@ MINOR_VERSION=8
 MICRO_VERSION=1
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=66
+EXTRA_VERSION=67
 EXTRA_RELEASE=
 EXTRA_GTK2_VERSION=
 
diff --git a/src/mainwindow.c b/src/mainwindow.c
index fae2b4c1f..03535fbf7 100644
--- a/src/mainwindow.c
+++ b/src/mainwindow.c
@@ -439,7 +439,7 @@ static gint mailing_list_create_submenu(MainWindow *mainwindow,
 
 static gint mailing_list_populate_submenu(GtkWidget *menu, const gchar * list_header);
 	
-static void get_url_part(const gchar **buf, gchar *url_decoded, gint maxlen);
+static void get_url_part(const gchar **buf, gchar *url_decoded);
 
 static void mailing_list_compose(GtkWidget *w, gpointer *data);
  
@@ -3561,7 +3561,7 @@ static gint mailing_list_populate_submenu (GtkWidget *menuitem, const gchar * li
 	g_list_free(children);
 	if (list_header) {
 		for (url_pt = list_header; url_pt && *url_pt;) {
-			get_url_part (&url_pt, url_decoded, BUFFSIZE);
+			get_url_part (&url_pt, url_decoded);
 			item = NULL;
 			if (!g_ascii_strncasecmp(url_decoded, "mailto:", 7)) {
  				item = gtk_menu_item_new_with_label ((url_decoded));
@@ -3593,7 +3593,7 @@ static gint mailing_list_populate_submenu (GtkWidget *menuitem, const gchar * li
 	return menu_nb;
 }
 
-static void get_url_part (const gchar **buffer, gchar *url_decoded, gint maxlen)
+static void get_url_part (const gchar **buffer, gchar *url_decoded)
 {
 	gchar tmp[BUFFSIZE];
 	const gchar *buf;
@@ -3617,7 +3617,7 @@ static void get_url_part (const gchar **buffer, gchar *url_decoded, gint maxlen)
 		if (!strncmp(buf, "mailto:", strlen("mailto:")))
 			with_plus = FALSE;
 		for (i = 0;
-		     *buf != '>' && *buf != 0x00 && i<maxlen && i < sizeof(tmp) - 1;
+		     *buf != '>' && *buf != 0x00 && i < BUFFSIZE;
 			tmp[i++] = *(buf++));
 		buf++;
 	}
@@ -3627,13 +3627,13 @@ static void get_url_part (const gchar **buffer, gchar *url_decoded, gint maxlen)
 		return;
 	}
 	
-	tmp[i]       = 0x00;
 	*url_decoded = '\0';
 	*buffer = NULL;
 	
-	if (i == maxlen) {
+	if (i == BUFFSIZE) {
 		return;
 	}
+	tmp[i] = 0x00;
 	decode_uri_with_plus (url_decoded, (const gchar *)tmp, with_plus);
 
 	/* Prepare the work for the next url in the list */
-- 
2.25.1