src/sbbs3/mailsrvr.cpp - Historico da BBS TELESC.NET.BR

BBS:      TELESC.NET.BR
Assunto:  src/sbbs3/mailsrvr.cpp
De:       Rob Swindell (on Debian Linux)
Data:     Wed, 6 May 2026 19:41:53 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/92ae6263408f0ddd5d05d802
Modified Files:
	src/sbbs3/mailsrvr.cpp
Log Message:
mailsrvr: bound sockmimetext line scan with strnlen (CID 639931)

The inner while-loop walks (*np + len) up to RFC822_MAX_LINE_LEN bytes
relying on the embedded NUL test to stop early. When np points at the
"\r\n" literal used as the empty-body fallback (issue #822), Coverity
loses track of the literal's length and reports a 997-byte OVERRUN.
Compute the scan length up-front with strnlen so the bound is explicit;
behavior is unchanged but the OVERRUN false-positive is silenced.

Co-Authored-By: Claude Opus 4.7 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]