From aaaa3be69c5a4f59d1aa4ad4cee2be3de277892b Mon Sep 17 00:00:00 2001
From: Jeffrey Stedfast <fejj@helixcode.com>
Date: Fri, 17 Nov 2000 08:11:29 +0000
Subject: When extracting a literal string, capture up until the end of the
 last

2000-11-17  Jeffrey Stedfast  <fejj@helixcode.com>

	* providers/imap/camel-imap-utils.c (imap_parse_nstring): When
	extracting a literal string, capture up until the end of the last
	line - this we we don't lose any data if the byte count is off.

	* providers/imap/camel-imap-command.c (imap_read_untagged): Use
	the byte-read count to decrement the number of bytes left to read
	rather than using strlen. Not only does this protect against a DoS
	(embedded NUL chars in the literal string would make strlen
	inaccurate) but it also improves performace a little.

	* camel-remote-store.c (remote_recv_line): *Sigh* Return the
	number of bytes read on success rather than 0. Also don't use
	camel_stream_buffer_read_line since we can't get an accurate octet
	count.

svn path=/trunk/; revision=6600
---
 camel/ChangeLog                         | 4 ++++
 camel/providers/imap/camel-imap-utils.c | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/camel/ChangeLog b/camel/ChangeLog
index 38ec264d57..734bbbe75f 100644
--- a/camel/ChangeLog
+++ b/camel/ChangeLog
@@ -1,5 +1,9 @@
 2000-11-17  Jeffrey Stedfast  <fejj@helixcode.com>
 
+	* providers/imap/camel-imap-utils.c (imap_parse_nstring): When
+	extracting a literal string, capture up until the end of the last
+	line - this we we don't lose any data if the byte count is off.
+
 	* providers/imap/camel-imap-command.c (imap_read_untagged): Use
 	the byte-read count to decrement the number of bytes left to read
 	rather than using strlen. Not only does this protect against a DoS
diff --git a/camel/providers/imap/camel-imap-utils.c b/camel/providers/imap/camel-imap-utils.c
index b38024ecc6..0677c63555 100644
--- a/camel/providers/imap/camel-imap-utils.c
+++ b/camel/providers/imap/camel-imap-utils.c
@@ -637,6 +637,10 @@ imap_parse_nstring (char **str_p, int *len)
 			*str_p = NULL;
 			return NULL;
 		}
+		
+		/* capture up until the end of the line - byte count may be a little off */
+		for ( ; *(str + *len) != '\n'; (*len)++);
+		
 		out = g_strndup (str, *len);
 		*str_p = str + *len;
 		return out;
-- 
cgit v1.2.3