search

Yeraze / ytnef

Yeraze's TNEF Stream Reader - for winmail.dat files
GNU General Public License v2.0
32 stars 22 forks source link

Fix length-check before populating propnames #58

Closed ohwgiles closed 6 years ago

ohwgiles commented 6 years ago

The earlier length check did not check enough bytes. But rather than fixing the off-by-one, it makes more sense to do a single check at the start of the loop.

Resolves CVE-2017-9058