On Tue, Jan 06, 2015 at 07:24:45PM +0100, Jonas 'Sortie' Termansen wrote: > On 01/06/2015 12:11 PM, Gilles Chehade wrote: > > Index: smtp_session.c > > =================================================================== > > RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v > > retrieving revision 1.221 > > diff -u -p -r1.221 smtp_session.c > > --- smtp_session.c 17 Dec 2014 15:49:23 -0000 1.221 > > +++ smtp_session.c 5 Jan 2015 22:36:55 -0000 > > @@ -315,7 +315,9 @@ header_append_domain_buffer(char *buffer > > has_domain = 1; > > if (buffer[i] == ':' && !escape && !comment && !quote) > > has_group = 1; > > - if (! isspace(buffer[i])) > > + > > + /* update insert point if not in comment and not on a > > whitespace */ > > + if (!comment && buffer[i] != ')' && !isspace((int)buffer[i])) > > This isspace call looks wrong, and looking at the source, so does nearby > isspace calls. The argument to isspace() must be EOF or representable as > an unsigned char; otherwise, the result is undefined. However, char is > signed on some platforms, and buffer is a char pointer here, meaning > out-of-range values might be passed. Casting to an int just sign extends > the potential negative values, rather than mapping them to the high > unsigned char values. The callers should be changed to the pattern > isspace((unsigned char)buffer[i]) instead. > > > pos_component = i; > > } >
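Review bot: in the added condition, `isspace((int)buffer[i])` still passes a negative value when `char` is signed and the byte is above 0x7f, because the `(int)` cast only sign-extends; use `isspace((unsigned char)buffer[i])` here and in the neighbouring calls. In the same line, `buffer[i] != ')'` is not guarded by `!escape` or `!quote` the way the `':'` test just above it is, so a `)` inside a quoted string also stops updating `pos_component`; if that is intended, the new comment should mention it, since it currently names only comments and whitespace.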
as replied to your cc: offlist, you're right, i also spotted a few others, i'll fix them today, thanks !

-- 
Gilles Chehade
https://www.poolp.org @poolpOrg
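The cast problem raised in the quoted review, as an added example that is not part of the original thread or of smtpd's code: it shows which value reaches `isspace()` under each cast and scans a buffer with the `(unsigned char)` pattern. The helper names (`arg_with_int_cast`, `arg_with_uchar_cast`, `in_ctype_domain`, `last_non_space`) are hypothetical and the sample buffer is constructed.

```c
#include <ctype.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Value isspace() receives with the (int) cast used in the patch.
 * signed char makes the result identical on every platform. */
static int arg_with_int_cast(signed char c)
{
    return (int)c;              /* sign-extends: byte 0xE9 -> -23 */
}

/* Value isspace() receives with the cast suggested in the review. */
static int arg_with_uchar_cast(signed char c)
{
    return (unsigned char)c;    /* byte 0xE9 -> 233 */
}

/* The <ctype.h> functions are defined only for EOF and 0..UCHAR_MAX. */
static int in_ctype_domain(int v)
{
    return v == EOF || (v >= 0 && v <= UCHAR_MAX);
}

/* Hypothetical helper: index of the last non-whitespace byte, or -1. */
static long last_non_space(const char *buf, size_t len)
{
    long pos = -1;

    for (size_t i = 0; i < len; i++)
        if (!isspace((unsigned char)buf[i]))
            pos = (long)i;
    return pos;
}

int main(void)
{
    /* Constructed sample: a name containing the Latin-1 byte 0xE9. */
    const char sample[] = "Ren\xe9 \t";
    signed char high = -23;     /* same bit pattern as 0xE9 */

    printf("(int) cast           -> %4d, in domain: %d\n",
        arg_with_int_cast(high), in_ctype_domain(arg_with_int_cast(high)));
    printf("(unsigned char) cast -> %4d, in domain: %d\n",
        arg_with_uchar_cast(high), in_ctype_domain(arg_with_uchar_cast(high)));
    printf("last non-space index: %ld\n",
        last_non_space(sample, sizeof(sample) - 1));
    return 0;
}
```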
