[Minor] Fix rare case of off-by-one read

author Vsevolod Stakhov <vsevolod@highsecure.ru>

Tue, 24 Nov 2020 12:06:19 +0000 (12:06 +0000)

committer Vsevolod Stakhov <vsevolod@highsecure.ru>

Tue, 24 Nov 2020 12:06:40 +0000 (12:06 +0000)
author Vsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 24 Nov 2020 12:06:19 +0000 (12:06 +0000)
committer Vsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 24 Nov 2020 12:06:40 +0000 (12:06 +0000)
diff --git a/src/libmime/message.c b/src/libmime/message.c

index 411b872c92520d2e4f2afe83d8e5e544483ac419..10de8ce53f30ad0cb6433a38ea616f70d11cd12b 100644 (file)
--- a/src/libmime/message.c
+++ b/src/libmime/message.c
@@ -275,7 +275,16 @@ rspamd_strip_newlines_parse (struct rspamd_task *task,
                         }
                 }
  
-               if (G_UNLIKELY (*p) == '\r') {
+               if (G_UNLIKELY (p >= pe)) {
+                       /*
+                        * This is reached when there is a utf8 part and we
+                        * have zero width spaces at the end of the text
+                        * So we just check overflow and refuse to access *p if it is
+                        * after our real content.
+                        */
+                       break;
+               }
+               else if (G_UNLIKELY (*p) == '\r') {
                         switch (state) {
                         case normal_char:
                                 state = seen_cr;
author	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Tue, 24 Nov 2020 12:06:19 +0000 (12:06 +0000)
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Tue, 24 Nov 2020 12:06:40 +0000 (12:06 +0000)