From: David Levine Date: Thu, 10 Jan 2013 02:58:03 +0000 (-0600) Subject: Added comments to and started cleaning up m_getfld.c. X-Git-Url: https://diplodocus.org/git/nmh/commitdiff_plain/3e367abc95c28b4d5a7d722f5a6a88fcb05a597e?hp=--cc Added comments to and started cleaning up m_getfld.c. --- 3e367abc95c28b4d5a7d722f5a6a88fcb05a597e diff --git a/sbr/m_getfld.c b/sbr/m_getfld.c index 5b9cfc41..dc799ba1 100644 --- a/sbr/m_getfld.c +++ b/sbr/m_getfld.c @@ -250,7 +250,7 @@ setup_buffer (FILE *iob, struct m_getfld_buffer *m) { methods are used. And, the first call to m_getfld (), etc., on a stream always reads at least 1 byte. I don't think it's necessary to use ftello() because we just - need to determine whether the current offset is 0 or not. */ + need to determine whether the current offset is 0 or not. */ if (ftell (iob) == 0) { /* A new file stream, so reset the buffer state. */ m->readpos = m->end = m->msg_buf; @@ -384,6 +384,9 @@ m_getfld (int state, unsigned char name[NAMESZ], unsigned char *buf, } } else { /* Restore the current offset. */ + /* j was set to be less than or equal to the number of + bytes available, so we can't overrun the end of the + message buffer. */ m.readpos = bp + 1; } if (c == ':') @@ -462,6 +465,8 @@ m_getfld (int state, unsigned char name[NAMESZ], unsigned char *buf, /* Save the text and update the current position. */ j = ep - m.readpos; memcpy (cp, m.readpos, j); + /* c is less than or equal to the number of bytes + remaining in the read buffer, so will not overrun. */ m.readpos = ep; cp += j; state = FLD; @@ -585,7 +590,9 @@ m_getfld (int state, unsigned char name[NAMESZ], unsigned char *buf, } } memcpy( buf, bp, c ); - /* Advance the current position to reflect the copy out. */ + /* Advance the current position to reflect the copy out. + c is less than or equal to the number of bytes remaining + in the read buffer, so will not overrun it. */ m.readpos += c; if (*bufsz < 0) { *bufsz = c + bytes_read + 1; @@ -608,7 +615,7 @@ void m_unknown(FILE *iob) { register int c; - char text[10]; + char text[MAX_DELIMITER_SIZE]; register char *cp; register char *delimstr; size_t bytes_read = 0; @@ -642,6 +649,11 @@ m_unknown(FILE *iob) delimstr = "\nFrom "; while (++bytes_read, (c = Getc (iob)) != '\n' && c >= 0) ; + /* m_unknown is only called on maildrop files, and they are only + read using m_getfld (). The caller musn't try to read from + the stream directly because the file position indicator was + not advanced based on bytes_read, but instead on whatever + was read into the message buffer. */ } else { /* not a Unix style maildrop */ m.readpos -= bytes_read; /* fseek (iob, pos, SEEK_SET), but relative. */ @@ -657,7 +669,7 @@ m_unknown(FILE *iob) msg_delim = (char *)fdelim+1; edelim = (unsigned char *)msg_delim+1; fdelimlen = c + 1; - edelimlen = c - 1; + edelimlen = c - 1; /* == strlen (delimstr) */ strcpy (msg_delim, delimstr); delimend = (unsigned char *)msg_delim + edelimlen; if (edelimlen <= 1)