lib-mail: ostream-dot - Fix potential assert-crash when parent stream buffer gets...
authorTimo Sirainen <timo.sirainen@dovecot.fi>
Sat, 15 Dec 2018 14:24:42 +0000 (16:24 +0200)
committerTimo Sirainen <timo.sirainen@open-xchange.com>
Fri, 15 Feb 2019 12:47:37 +0000 (12:47 +0000)
If max_bytes=1, the (max_bytes-2) calculation brings it to (size_t)-1. This
causes too much data to be sent to the parent stream, which then returns a
partial write and causes an assert-crash.

The final chunk calculation doesn't need the -2 check, because additional
bytes aren't inserted at that point.

Fixes:
Panic: file ostream-dot.c: line 208 (o_stream_dot_sendv): assertion failed: ((size_t)ret == sent + added)

src/lib-mail/ostream-dot.c

index d03b0c97d40e7eed1341dd24632a6dc8e733a52e..6827cbdc01250b008453819d31f9ad77fad48197 100644 (file)
@@ -104,7 +104,7 @@ o_stream_dot_sendv(struct ostream_private *stream,
 
                p = data;
                pend = CONST_PTR_OFFSET(data, size);
-               for (; p < pend && (size_t)(p-data) < (max_bytes-2); p++) {
+               for (; p < pend && (size_t)(p-data)+2 < max_bytes; p++) {
                        char add = 0;
 
                        switch (dstream->state) {
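Review bot: When max_bytes is 1 or 2, the new bound `(size_t)(p-data)+2 < max_bytes` skips the scan loop entirely, and the chunk computation in the second hunk then yields 0, so this pass sends nothing. How the rest of o_stream_dot_sendv reacts to that zero-progress pass is not visible, because the function body lies outside the hunk; it is worth confirming that it returns a short write and does not spin while the parent buffer is nearly full. The reason the 2 sits on the left is also easy to lose in a later cleanup, so a comment would help, for example `/* +2 stays on the left: max_bytes-2 wraps to (size_t)-1 when max_bytes < 2 */`. If no regression test accompanies this commit, one that leaves exactly one free byte in the parent stream would pin the fix.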
@@ -183,8 +183,8 @@ o_stream_dot_sendv(struct ostream_private *stream,
 
                if (max_bytes == 0)
                        break;
-               chunk = ((size_t)(p-data) >= (max_bytes-2) ?
-                               max_bytes - 2 : (size_t)(p - data));    
+               chunk = ((size_t)(p-data) >= max_bytes ?
+                               max_bytes : (size_t)(p - data));
                if (chunk > 0) {
                        iovn.iov_base = data;
                        iovn.iov_len = chunk;
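Review bot: The new `chunk` expression drops the `-2` with no comment, and the reason exists only in the commit message, so the asymmetry with the loop bound looks like an oversight to the next reader. A comment above the assignment would record it, for example `/* no -2 here: nothing is inserted into this chunk, so it may fill max_bytes exactly */`. The `>= max_bytes` arm also appears to be purely defensive now, since the loop bound keeps `p-data` below max_bytes and the `max_bytes == 0` case breaks just above; this assumes the loop body, which is outside the hunk, never advances `p` itself. If the clamp is kept as a safety net, the comment should say so, because a clamp that ever fired would silently truncate the write. The `if (chunk > 0)` block continues past the end of the hunk.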