On Wed, May 15, 2019 at 01:14:18PM +0200, Vincent Lefevre wrote: > Hi, > > I've just fixed an undefined behavior that can occur in an invalid > message, such as the attached one.
I noticed there are a number of other cases where Mutt is using atoi() instead of mutt_atoi(): $ grep -I -n -r '[^_]atoi' mutt-1.11.4 |egrep -v 'ChangeLog|nollatoiminto' mutt-1.11.4/doc/makedoc.c:499: if (atoi (s)) mutt-1.11.4/mutt_dotlock.c:173: case 'r': DotlockFlags |= DL_FL_RETRY; Retry = atoi (optarg); break; mutt-1.11.4/rfc2231.c:150: index = atoi (s); mutt-1.11.4/mh.c:1737: n = atoi (dep); mutt-1.11.4/init.c:509: n = atoi(++p); mutt-1.11.4/dotlock.c:173: case 'r': DotlockFlags |= DL_FL_RETRY; Retry = atoi (optarg); break; I imagine all of those should be modified. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgphALPswQDtq.pgp
Description: PGP signature
