#3988: signed integer overflow in mbox_parse_mailbox
--------------------------+----------------------
Reporter: josephbisch | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone:
Component: mutt | Version:
Resolution: | Keywords:
--------------------------+----------------------
Comment (by vinc17):
I think that the attached patch should fix the problem in practice.
Now, this may not be a big problem since an invalid content-length means
that the user has edited the mbox file with a text editor or there is a
bug in some software.
Note: Obviously, MDA's should remove the "Content-Length:" header if
invalid otherwise there is a risk of mail loss (for instance, if a second
message is received and the content-length points just after this second
message, so that the second message is regarded as part of the first
message, which could be a spam).
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3988#comment:2>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
