From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Thu, 20 Aug 2020 07:31:41 +0000 (+0300)
Subject: lib-storage: index-mail-headers - Avoid unsigned overflow on header_match_value
X-Git-Tag: 2.3.13~194
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=70d98bc561f14a9a3d8e172777df4ae6edcc55c9;p=thirdparty%2Fdovecot%2Fcore.git

lib-storage: index-mail-headers - Avoid unsigned overflow on header_match_value
---

diff --git a/src/lib-storage/index/index-mail-headers.c b/src/lib-storage/index/index-mail-headers.c
index df21b9129e..4f3fe68929 100644
--- a/src/lib-storage/index/index-mail-headers.c
+++ b/src/lib-storage/index/index-mail-headers.c
@@ -209,10 +209,11 @@ void index_mail_parse_header_init(struct index_mail *mail,
 		array_clear(&mail->header_lines);
 		array_clear(&mail->header_match_lines);
 
-		mail->header_match_value += HEADER_MATCH_SKIP_COUNT;
 		i_assert((mail->header_match_value &
 			  (HEADER_MATCH_SKIP_COUNT-1)) == 0);
-		if (mail->header_match_value == 0) {
+		if (mail->header_match_value + HEADER_MATCH_SKIP_COUNT <= UINT8_MAX)
+			mail->header_match_value += HEADER_MATCH_SKIP_COUNT;
+		else {
 			/* wrapped, we'll have to clear the buffer */
 			array_clear(&mail->header_match);
 			mail->header_match_value = HEADER_MATCH_SKIP_COUNT;