1 --- alpine-0.9999/pith/mailcap.c~ 2007-08-15 22:28:09.000000000 +0200
2 +++ alpine-0.9999/pith/mailcap.c 2007-11-05 14:32:39.000000000 +0100
4 * have to put those outside of the single quotes.
5 * (The parm+1000 nonsense is to protect against
6 * malicious mail trying to overlow our buffer.)
8 + * TCH - Change 2/8/1999
9 + * Also quote the ` slash to prevent execution of arbirtrary code
11 for(p = parm; *p && p < parm+1000; p++){
13 - if(to-tmp_20k_buf+3 < SIZEOF_20KBUF){
14 + if((*p == '\'')||(*p=='`')){
15 + if(to-tmp_20k_buf+4 < SIZEOF_20KBUF){
16 *to++ = '\''; /* closing quote */
18 - *to++ = '\''; /* below will be opening quote */
19 + *to++ = *p; /* quoted character */
20 + *to++ = '\''; /* opening quote */
24 - if(to-tmp_20k_buf < SIZEOF_20KBUF)
25 + } else if(to-tmp_20k_buf < SIZEOF_20KBUF)