RFC2047 decoding writes one byte too much for certain strings
With certains mails YAM's RFC 2047 decoding writes one byte too much to a destination buffer causing a buffer overrun. The byte is always a single NUL byte. The Wipeout hit points to the mime/rfc2047.c line 877.
Steps to reproduce
Change History (4)
Note: See TracTickets for help on using tickets.
This list contains all users that will be notified about changes made to this ticket.
These roles will be notified: Reporter, Owner, Subscriber