
dan_mitton at ymp
May 22, 2008, 1:30 PM
Possible $mime_decoded_filename bug
I think I might have found a small bug in the setting of the $mime_decoded_filename expansion variable. The below code snippet is from mime.c (4.68). It seems that when fname != NULL && pname == NULL, the "filename" variable never gets set, which ends up setting mime_decoded_filename = empty string.

Could someone else take a look to verify what I am seeing...

FILE *mime_get_decode_file(uschar *pname, uschar *fname) {
  FILE *f = NULL;
  uschar *filename;

  filename = (uschar *)malloc(2048);

  if ((pname != NULL) && (fname != NULL)) {
    (void)string_format(filename, 2048, "%s/%s", pname, fname);
    f = modefopen(filename,"wb+",SPOOL_MODE);
  }
  else if (pname == NULL) {
    f = modefopen(fname,"wb+",SPOOL_MODE);
  }
  else if (fname == NULL) {
    int file_nr = 0;
    int result = 0;

    /* must find first free sequential filename */
    do {
      struct stat mystat;
      (void)string_format(filename,2048,"%s/%s-%05u", pname, message_id, file_nr);
      file_nr++;
      /* security break */
      if (file_nr >= 1024)
        break;
      result = stat(CS filename,&mystat);
    }
    while(result != -1);
    f = modefopen(filename,"wb+",SPOOL_MODE);
  };

  /* set expansion variable */
  mime_decoded_filename = filename;

  return f;
}

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
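Added example, not part of the original post and not Exim's code: a stand-alone model of the name selection in the snippet above, in which the buffer is written in every branch, including the fname-only case where the posted code leaves the malloc'd buffer unwritten. `decode_target_name` is a hypothetical helper, the sample values are constructed, and standard `snprintf`/`stat` stand in for Exim's `string_format`/`modefopen`; unlike the posted loop, it reports failure when the 1024 cap is reached instead of reusing the last name.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

#define MAX_SEQ 1024   /* same cap as the posted "security break" */

/* Hypothetical helper: writes the path that would be opened into out for all
   three argument combinations. Returns 0 on success, -1 on bad arguments,
   truncation, or when no free sequential name is found. */
int decode_target_name(const char *pname, const char *fname,
                       const char *message_id, char *out, size_t outlen)
{
  int n = 0;
  if (out == NULL || outlen == 0) return -1;
  out[0] = '\0';                        /* never hand back unwritten memory */

  if (pname != NULL && fname != NULL)
    n = snprintf(out, outlen, "%s/%s", pname, fname);
  else if (fname != NULL)               /* the case the post reports as unset */
    n = snprintf(out, outlen, "%s", fname);
  else if (pname != NULL && message_id != NULL) {
    struct stat st;
    unsigned int nr;
    for (nr = 0; nr < MAX_SEQ; nr++) {  /* first free sequential filename */
      n = snprintf(out, outlen, "%s/%s-%05u", pname, message_id, nr);
      if (n < 0 || (size_t)n >= outlen) break;
      if (stat(out, &st) == -1) return 0;   /* same "free" test as the post */
    }
    out[0] = '\0';                      /* cap reached or name too long */
    return -1;
  }
  else return -1;

  if (n < 0 || (size_t)n >= outlen) { out[0] = '\0'; return -1; }
  return 0;
}

int main(void)
{
  char name[2048];                      /* same size as the posted buffer */
  /* constructed sample values, not taken from a real spool */
  if (decode_target_name(NULL, "/tmp/part.bin", "1Jz000-0000AB-CD",
                         name, sizeof name) == 0)
    printf("fname only: %s\n", name);
  return 0;
}
```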