From 90a90f347bea035bbed1b3d13e40b7a23765af11 Mon Sep 17 00:00:00 2001
From: Wilfried Goesgens <dothebart@citadel.org>
Date: Wed, 10 Nov 2010 20:22:16 +0100
Subject: [PATCH] fix buffer overrun while converting charsets

* DecodeSegment() didn't check whether one of the temporary buffers would be able to bear the transcoding results
---
 libcitadel/lib/stringbuf.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libcitadel/lib/stringbuf.c b/libcitadel/lib/stringbuf.c
index 5d050e750..88cea7d70 100644
--- a/libcitadel/lib/stringbuf.c
+++ b/libcitadel/lib/stringbuf.c
@@ -2945,6 +2945,8 @@ inline static void DecodeSegment(StrBuf *Target,
 	
 	*encoding = toupper(*encoding);
 	if (*encoding == 'B') {	/**< base64 */
+		if (ConvertBuf2->BufSize < ConvertBuf->BufUsed)
+			IncreaseBuf(ConvertBuf2, 0, ConvertBuf->BufUsed);
 		ConvertBuf2->BufUsed = CtdlDecodeBase64(ConvertBuf2->buf, 
 							ConvertBuf->buf, 
 							ConvertBuf->BufUsed);
@@ -2960,6 +2962,9 @@ inline static void DecodeSegment(StrBuf *Target,
 			pos++;
 		}
 		
+		if (ConvertBuf2->BufSize < ConvertBuf->BufUsed)
+			IncreaseBuf(ConvertBuf2, 0, ConvertBuf->BufUsed);
+
 		ConvertBuf2->BufUsed = CtdlDecodeQuotedPrintable(
 			ConvertBuf2->buf, 
 			ConvertBuf->buf,
-- 
2.30.2