#3722: rfc2047.c off-by-one and resource leak
-------------------------+----------------------
Reporter: MegaManSec | Owner: mutt-dev
Type: defect | Status: new
Priority: minor | Milestone:
Component: mutt | Version:
Resolution: | Keywords:
-------------------------+----------------------
Comment (by dgc):
Item 1: this may truncate the string by one byte, but it is safe. pd/d0
are not used as C-strings internally, so no null termination is needed.
The memory is not returned to caller. The string is used to strncpy()
safely into the destination address provided by caller.
Item 2: pd is not leaked. pd was set equal to d0 at start of scope, and d0
was freed. pd was altered during the interim, and is no longer a valid
subject for free.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3722#comment:1>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
