From 5cd9b52ea5a75c4dff3d92683ff51d4e02cb1fd5 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards
Date: Mon, 7 Jan 2013 15:27:27 +0100
Subject: bugfix: very large memory consumption (and probably out of memory) ...when FromPos was specified in template, but ToPos not. Thanks to Radu Gheorghe for alerting us of this bug.
---
 runtime/msg.c | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'runtime/msg.c')
diff --git a/runtime/msg.c b/runtime/msg.c
index 09f6d649..10605ba4 100644
--- a/runtime/msg.c
+++ b/runtime/msg.c
@@ -3027,6 +3027,8 @@ uchar *MsgGetProp(msg_t *pMsg, struct templateEntry *pTpe,
 */
 ; /*DO NOTHING*/
 } else {
+ if(iTo > bufLen) /* iTo is very large, if no to-position is set in the template! */
+ iTo = bufLen;
 iLen = iTo - iFrom + 1; /* the +1 is for an actual char, NOT \0! */
 pBufStart = pBuf = MALLOC((iLen + 1) * sizeof(char));
 if(pBuf == NULL) {
--
cgit v1.2.3
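Review bot: The clamp `iTo = bufLen` looks one too high if `iTo` is a zero-based inclusive index, which the `the +1 is for an actual char` comment on the following line suggests: with `iFrom` at 0 the computed `iLen` becomes `bufLen + 1`, one more than the property holds. Consider `if(iTo >= bufLen) iTo = bufLen - 1;`, with `bufLen == 0` handled separately so the index cannot go negative. It is also worth confirming that `iFrom <= iTo` still holds after clamping, because nothing in the visible lines stops a non-positive `iLen` from reaching `MALLOC((iLen + 1) * sizeof(char))`. The copy loop and the earlier branches of this if/else chain in MsgGetProp are outside the hunk, so whether the extra byte is only over-allocation or can also be read past the end cannot be confirmed from here.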