char *name, *addrspec;
int at;
/* rewind back to the beginning of the local-part */
inptr = start;
if (!addrspec_parse (&inptr, COMMA_GREATER_THAN_OR_SEMICOLON, &addrspec, &at))
goto error;
skip_lwsp (&inptr);
if (*inptr == '(') {
const char *comment = inptr;
if (!skip_comment (&inptr))
goto error;
comment++;
name = decode_name (options, comment, (size_t) ((inptr - 1) - comment), charset, offset);
} else {
name = g_strdup ("");
}
I had deal with From tag =?UTF-8?B?bGVzQGRyd2ViLet6?= <kpfsgxh@rwwv.com>uddgtddvucet@[192.168.1.12] (Unknown [120.8?B?5LujIOX-Real-To: apov@navitera.by. Absence ')' is important
addrspec_parse allocate memory for addrspec. if (!skip_comment (&inptr)) follow to goto error with no g_free(addrspec)
Hi
I checked my app with gmime both fuzzing test and AdressSanitizer. Fuzzing suggests a little strange data nevertheless it's way to safete work.
src:
internet-address.c
func:https://github.com/jstedfast/gmime/blob/d6b01dec1c610dd33d2cb640ef4cbe7eb76df1af/gmime/internet-address.c#L1963
I had deal with From tag
=?UTF-8?B?bGVzQGRyd2ViLet6?= <kpfsgxh@rwwv.com>uddgtddvucet@[192.168.1.12] (Unknown [120.8?B?5LujIOX-Real-To: apov@navitera.by
. Absence ')' is importantaddrspec_parse allocate memory for addrspec.
if (!skip_comment (&inptr))
follow togoto error
with nog_free(addrspec)