commit ec06293134b85876f9201d8a52b844c41581b2b3
Author: Matthias Andree <matthias.andree@gmx.de>
Date:   Sun Apr 18 18:01:38 2010 +0200

    SECURITY FIX: DoS on EILSEQ in report_*() in -vv and multibyte-locales.

diff --git a/rfc822.c b/rfc822.c
index 6f2dbf3..dbcda32 100644
--- a/rfc822.c
+++ b/rfc822.c
@@ -25,6 +25,7 @@ MIT license.  Compile with -DMAIN to build the demonstrator.
 #include  <stdlib.h>
 
 #include "fetchmail.h"
+#include "sdump.h"
 
 #ifndef MAIN
 #include "i18n.h"
@@ -74,9 +75,10 @@ char *reply_hack(
     }
 
 #ifndef MAIN
-    if (outlevel >= O_DEBUG)
-	report_build(stdout, GT_("About to rewrite %.*s...\n"),
-			(int)BEFORE_EOL(buf), buf);
+    if (outlevel >= O_DEBUG) {
+	report_build(stdout, GT_("About to rewrite %s...\n"), (cp = sdump(buf, BEFORE_EOL(buf))));
+	xfree(cp);
+    }
 
     /* make room to hack the address; buf must be malloced */
     for (cp = buf; *cp; cp++)
@@ -211,9 +213,12 @@ char *reply_hack(
     }
 
 #ifndef MAIN
-    if (outlevel >= O_DEBUG)
-	report_complete(stdout, GT_("...rewritten version is %.*s.\n"),
-			(int)BEFORE_EOL(buf), buf);
+    if (outlevel >= O_DEBUG) {
+	report_complete(stdout, GT_("...rewritten version is %s.\n"),
+			(cp = sdump(buf, BEFORE_EOL(buf))));
+	xfree(cp)
+    }
+
 #endif /* MAIN */
     *length = strlen(buf);
     return(buf);
diff --git a/uid.c b/uid.c
index fdc6f5d..d813bee 100644
--- a/uid.c
+++ b/uid.c
@@ -20,6 +20,7 @@
 
 #include "fetchmail.h"
 #include "i18n.h"
+#include "sdump.h"
 
 /*
  * Machinery for handling UID lists live here.  This is mainly to support
@@ -260,8 +261,11 @@ void initialize_saved_lists(struct query *hostlist, const char *idfile)
 	if (uidlcount)
 	{
 	    report_build(stdout, GT_("Scratch list of UIDs:"));
-	    for (idp = scratchlist; idp; idp = idp->next)
-		report_build(stdout, " %s", idp->id);
+	    for (idp = scratchlist; idp; idp = idp->next) {
+		char *t = sdump(idp->id, strlen(idp->id));
+		report_build(stdout, " %s", t);
+		free(t);
+	    }
 	    if (!idp)
 		report_build(stdout, GT_(" <empty>"));
 	    report_complete(stdout, "\n");
@@ -517,8 +521,11 @@ void uid_swap_lists(struct query *ctl)
 	    report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname);
 	else
 	    report_build(stdout, GT_("New UID list from %s:"), ctl->server.pollname);
-	for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next)
-	    report_build(stdout, " %s = %d", idp->id, idp->val.status.mark);
+	for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next) {
+	    char *t = sdump(idp->id, strlen(idp->id));
+	    report_build(stdout, " %s = %d", t, idp->val.status.mark);
+	    free(t);
+        }
 	if (!idp)
 	    report_build(stdout, GT_(" <empty>"));
 	report_complete(stdout, "\n");
@@ -567,8 +574,11 @@ void uid_discard_new_list(struct query *ctl)
 	/* this is now a merged list! the mails which were seen in this
 	 * poll are marked here. */
 	report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname);
-	for (idp = ctl->oldsaved; idp; idp = idp->next)
-	    report_build(stdout, " %s = %d", idp->id, idp->val.status.mark);
+	for (idp = ctl->oldsaved; idp; idp = idp->next) {
+	    char *t = sdump(idp->id, strlen(idp->id));
+	    report_build(stdout, " %s = %d", t, idp->val.status.mark);
+	    free(t);
+	}
 	if (!idp)
 	    report_build(stdout, GT_(" <empty>"));
 	report_complete(stdout, "\n");