Re: [PATCH] Add ~M pattern to match mime Content-Types.

Tue, 01 May 2018 09:59:52 -0700 

On Thu, Apr 26, 2018 at 05:34:16PM -0700, Kevin J. McCarthy wrote:
> On Thu, Apr 26, 2018 at 05:14:27PM -0700, Ammon Riley wrote:
> > > The =b/=B/=h are explicity mentioned because of their IMAP behavior.
> > 
> > I did copy the =b/=B.  I hadn't considered IMAP for this feature, as I'm
> > not using it.  Since we have to parse the message to match content-type,
> > how would this behave under IMAP?  Would it work on the server, or
> > does it have to be local?  If it can work on the server, then perhaps I
> > should distinguish that -- I can imagine an IMAP user might not want to
> > download large PDF-containing messages while performing this limit.
> 
> It will download the message.  I'll have to check myself if there is
> some way to do it server-side.
> 
> > Updated patch attached.
> 
> Your new patch was too fast. :-)  I realized I forgot to include one
> other comment, below.  I have to run, but I'll take another closer look
> at the revised patch later tonight.
> 
> > diff --git a/pattern.c b/pattern.c
> > +static int match_content_type(const pattern_t* pat, BODY *b)
> > +{
> > +  char buffer[STRING];
> > +  if (!b)
> > +    return 0;
> > +
> > +  if (snprintf(buffer, STRING, "%s/%s", TYPE (b), b->subtype) >= STRING)
> > +    buffer[STRING-1] = '\0';
> 
> snprintf (unlike strncpy) will always add the terminating null byte.

Indeed.  And snprintf() is generally better, but you MUST check the
return code to see that whatever you're snprintf()ing actually fit in
the buffer, and do something appropriate if it did not.

FWIW, I've said this before, but I think anywhere strncpy() is used,
code that does the above should replace it.  This avoids silent
truncation (which strncpy() does), and checking the return is required
to make sure snprintf() actually did something, and you're not
operating on uninitialized memory (or whatever).

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.

Attachment: pgpdoLeXvujSh.pgp
Description: PGP signature

Reply via email to