#3988: signed integer overflow in mbox_parse_mailbox
  Reporter:  josephbisch  |      Owner:  mutt-dev
      Type:  defect       |     Status:  new
  Priority:  major        |  Milestone:
 Component:  mutt         |    Version:
Resolution:               |   Keywords:

Comment (by vinc17):

 I think that the attached patch should fix the problem in practice.

 Now, this may not be a big problem since an invalid content-length means
 that the user has edited the mbox file with a text editor or there is a
 bug in some software.

 Note: Obviously, MDA's should remove the "Content-Length:" header if
 invalid otherwise there is a risk of mail loss (for instance, if a second
 message is received and the content-length points just after this second
 message, so that the second message is regarded as part of the first
 message, which could be a spam).

Ticket URL: <https://dev.mutt.org/trac/ticket/3988#comment:2>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Reply via email to