Email related examples use CURLOPT_READFUNCTION callback with bad coding practices #7330
While libcurl might be calling the callback in a way that makes these examples work for now, if the call pattern ever changes the example apps may cease to work or even start crashing due to buffer overflow. Even if no such change happens, the example apps should try to be as correct as possible to not proliferate incorrect and/or unsafe API usage.
I expected the following
The example app implementing
The text was updated successfully, but these errors were encountered:
The same callback code is used in: imap-append.c smtp-authzid.c smtp-mail.c smtp-multi.c smtp-ssl.c smtp-tls.c It should not assume that it can copy full lines into the buffer as it will encourage sloppy coding practices. Instead use byte-wise logic and check/acknowledge the buffer size appropriately. Reported-by: Harry Sintonen Fixes #7330