Summary: | URL parser will read out of bounds when closing bracket is missing in get_url_part |
---|---|
Product: | Claws Mail (GTK 2) |
Reporter: | Hanno Boeck <hanno> |
Component: | Other |
Assignee: | users |
Status: | RESOLVED FIXED |
Severity: | normal |
Priority: | P3 |
Version: | other |
Hardware: | PC |
OS: | Linux |
Created attachment 1602
minimal email sample triggering the bug

Created attachment 1603
Address Sanitizer full debug output

Changes related to this bug have been committed.
Please check latest Git and update the bug accordingly.
You can also get the patch from:
http://git.claws-mail.org/

++ ChangeLog 2015-11-16 10:17:02.317616930 +0100
http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=c7030e74363abe028f4369c0dfc3762829db7b34
Merge: e8971e4 8f65fc9
Author: Colin Leroy <colin@colino.net>
Date: Mon Nov 16 10:17:01 2015 +0100

Merge branch 'master' of file:///home/git/claws

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=8f65fc9f8be8d30ba67d8f4a64256e8645aa0dc1
Merge: 2a2a1bd 0314464
Author: Colin Leroy <colin@colino.net>
Date: Mon Nov 16 10:17:24 2015 +0100

Merge branch 'master' of ssh+git://git.claws-mail.org/home/git/claws

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=2a2a1bd7db0949e1763661b6098b31a6cd82f617
Author: Colin Leroy <colin@colino.net>
Date: Mon Nov 16 10:04:16 2015 +0100

Fix bug #3563 (URL parser will read out of bounds when closing bracket is missing in get_url_part)

Patch by Hanno Boeck

Created attachment 1601
patch / fix

The URL parser code in mainwindow.c will read beyond the bounds of its input buffer if a URL which is missing a closing bracket is passed. This can happen e.g. when the List-Archive header is broken (which currently seems to be the case with Google Groups due to a bug there).

See attached patch which should fix this.

This was found with address sanitizer. I'll also attach the address sanitizer error message and a minimal sample input mail that will trigger this bug.
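
The class of bug reported above, a scan for the closing bracket that continues past the end of the input, is avoided by bounding the search to the buffer length and rejecting a value with no `>`. The following C code is an added example, not the Claws Mail code or the attached patch; `next_bracketed_url`, `count_urls` and the sample header value are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not the Claws Mail function: copy the next <...>
 * URL found in [*cur, end) into out. Returns 1 on success, 0 when no '<'
 * remains, -1 when '>' is missing or the URL does not fit in out. */
static int next_bracketed_url(const char **cur, const char *end,
                              char *out, size_t outsz)
{
    const char *open, *close;
    size_t n;

    open = memchr(*cur, '<', (size_t)(end - *cur));
    if (open == NULL)
        return 0;
    /* Bounded search: the scan for '>' stops at end, never beyond it. */
    close = memchr(open + 1, '>', (size_t)(end - (open + 1)));
    *cur = close ? close + 1 : end;   /* always make progress */
    if (close == NULL)
        return -1;
    n = (size_t)(close - (open + 1));
    if (n >= outsz)
        return -1;
    memcpy(out, open + 1, n);
    out[n] = '\0';
    return 1;
}

/* Count well-formed URLs in a header value of len bytes (need not be
 * NUL-terminated); *malformed is set if any entry was rejected. */
static int count_urls(const char *value, size_t len, int *malformed)
{
    const char *cur = value, *end = value + len;
    char url[256];
    int rc, count = 0;

    *malformed = 0;
    while ((rc = next_bracketed_url(&cur, end, url, sizeof url)) != 0)
        if (rc < 0) *malformed = 1; else count++;
    return count;
}

int main(void)
{
    /* Constructed sample: a List-Archive value missing its closing '>'. */
    const char bad[] = "<http://lists.example.invalid/archive";
    int m, n = count_urls(bad, strlen(bad), &m);
    printf("urls=%d malformed=%d\n", n, m);
    return 0;
}
```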