From: Sunil S. <sh...@bo...> - 2005-11-17 07:53:11
Quoting from Matthias Andree's mail on Mon, Nov 14, 2005 at 11:42:25PM +0100:
> > Changes in imap_trail() in r4396 are incorrect and can cause segfault.
>
> How can it cause segfault? It may eat too much garbage but I'd really
> like to see the backtrace to investigate - if a malicious upstream
> server can also trigger the segfault, we're in trouble.

...

> > - t = buf + strspn(t, " \t");
                       ^
In the original code, the variable 't' passed to strspn() is
uninitialized. Thomas Wolff has already reported a segfault for rc8 in
the fetchmail-users list. This could be a reason for that.

Are you releasing rc9 soon?

--
Sunil Shetye.