Johannes Schindelin <Johannes.Schindelin@xxxxxx> writes:

>> Looking at what handle_body() does for TE_BASE64 and TE_QP cases, I have
>> to wonder if this is enough. The loop seems to stop at (*op == NUL)
>> which follows an old assumption that each line is terminated with NUL,
>> not the new assumption you introduced that each line's length is kept in
>> local variable len.
>
> Of course! But do BASE64 and QP contain NULs?

The loop in question iterates over bytes _after_ decoding these encoded
lines, and a typical reason you would encode the payload is because it
contains something not safe over e-mail transfer, e.g. NUL.

I think decode_transfer_encoding() also needs to become safe against NULs
in the payload.
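The concern in the message above, shown as an added example (not part of the original message and not git's code): a base64 payload that decodes to bytes containing a NUL is walked once by a loop that stops at the first NUL and once by a loop that uses the decoded length. The helper names `b64_decode`, `walk_until_nul` and `walk_with_len` and the sample payload are hypothetical, constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: base64 of the 8 bytes "ab\n" "c\0d\n" "e". */
static const char SAMPLE_B64[] = "YWIKYwBkCmU=";

/* Minimal base64 decoder (hypothetical helper); returns the decoded length. */
static size_t b64_decode(const char *in, unsigned char *out)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    unsigned int acc = 0, bits = 0;
    size_t n = 0;
    for (; *in && *in != '='; in++) {
        const char *p = strchr(tbl, *in);
        if (!p)
            continue; /* ignore bytes outside the alphabet */
        acc = (acc << 6) | (unsigned int)(p - tbl);
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out[n++] = (unsigned char)(acc >> bits);
        }
    }
    return n;
}

/* Old assumption: the decoded data ends at the first NUL byte. */
static size_t walk_until_nul(const unsigned char *buf, size_t *lines)
{
    const unsigned char *op = buf;
    for (*lines = 0; *op != '\0'; op++)
        if (*op == '\n' || op[1] == '\0')
            ++*lines;
    return (size_t)(op - buf);
}

/* Length-aware: every one of the len decoded bytes is examined. */
static size_t walk_with_len(const unsigned char *buf, size_t len, size_t *lines)
{
    size_t i;
    for (i = 0, *lines = 0; i < len; i++)
        if (buf[i] == '\n' || i + 1 == len)
            ++*lines;
    return i;
}

int main(void)
{
    unsigned char buf[32] = {0}; /* zero-filled, so a NUL follows the data */
    size_t len = b64_decode(SAMPLE_B64, buf), l1, l2;
    size_t n1 = walk_until_nul(buf, &l1), n2 = walk_with_len(buf, len, &l2);
    printf("decoded %zu bytes\n", len);
    printf("NUL-terminated walk: %zu bytes, %zu lines\n", n1, l1);
    printf("length-aware walk:   %zu bytes, %zu lines\n", n2, l2);
    return 0;
}
```

The NUL-terminated walk silently drops everything after the embedded NUL, which is the truncation the reply warns about for decoded TE_BASE64 and TE_QP payloads.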