46197 – Outlook express mail import crashes

Bug 46197 - Outlook express mail import crashes

Summary: Outlook express mail import crashes

Status:	RESOLVED FIXED

Alias:	None

Product:	kmail
Classification:	Applications
Component:	kmailcvt (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2002-08-06 21:18 UTC by Simon Munton
Modified:	2009-03-19 00:30 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Simon Munton 2002-08-06 21:09:32 UTC

(*** This bug was imported into bugs.kde.org ***)

Package:           kmailcvt
Version:           KDE 3.0.2 
Severity:          crash
Installed from:    Compiled From Sources
Compiler:          gcc 2.95
OS:                Linux
OS/Compiler notes: Not Specified

When importing a message from Outlook Express 5 that has a line longer than 2048 characters a crash occurs and no further messages/folders are imported.

The problem is in the file liboe.cxx line 153 in the function oe_readmessage() where a 2048 byte buffer is malloc'ed and then used without checking for buffer overflow. When I increased  the buffer size being malloc'ed (to 2MB) the crash did not occur and the import completed successfully.

Rather than just increasing the buffer size it would be better to keep track of how full the buffer is and realloc the buffer when needed.

A similar problem is at line 327 in oe_readbox_oe4() where a 65536 byte buffer is malloc'ed and then used without checking for buffer overflow.


(Submitted via bugs.kde.org)

Comment 1 Laurence Anderson 2003-02-22 11:51:30 UTC

New Outlook Filter added without these limits