• Kevin J. McCarthy's avatar
    Fix oob reads when fgets returns "\0". (closes #3776) · d0167478
    Kevin J. McCarthy authored
    The ticket reported an out of bounds read in mutt_read_rfc822_line()
    when a '\0' was embedded on its own line in the headers.  The function
    assumed if fgets() didn't return NULL, then the string would have at
    least one character.
    I scanned the rest of the code and found three other places making the
    same assumption for fgets.
    Thanks to hanno for finding this with the "american fuzzy lop" tool.
smime.c 49.8 KB