Fix segfault in mhstore
authormarkus schnalke <meillo@marmaro.de>
Mon, 12 Sep 2016 12:54:17 +0000 (14:54 +0200)
committermarkus schnalke <meillo@marmaro.de>
Mon, 12 Sep 2016 12:54:17 +0000 (14:54 +0200)
The bug was introduced by 6306992cd580d47c217edb1ae98d58b24d5be8c9
It didn't handle MIME parts without Content-Disposition headers.

uip/mhparse.c
uip/mhstore.c

index da19123..b0876eb 100644 (file)
@@ -552,11 +552,17 @@ incl_name_value(unsigned char *buf, char *name, char *value) {
 */
 char *
 extract_name_value(char *name_suffix, char *value) {
-       char *extracted_name_value = value;
-       char *name_suffix_plus_quote = concat(name_suffix, "=\"", NULL);
-       char *name_suffix_equals = strstr(value, name_suffix_plus_quote);
+       char *extracted_name_value;
+       char *name_suffix_plus_quote;
+       char *name_suffix_equals;
        char *cp;
 
+       if (!value) {
+               return value;
+       }
+       extracted_name_value = value;
+       name_suffix_plus_quote = concat(name_suffix, "=\"", NULL);
+       name_suffix_equals = strstr(value, name_suffix_plus_quote);
        mh_free0(&name_suffix_plus_quote);
        if (name_suffix_equals) {
                char *name_suffix_begin;
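Review bot: The early return added at the top of extract_name_value makes NULL a possible return value, but the header comment that ends just above the hunk is not updated here to say so. Any other caller that passes a header field which may be absent and then dereferences the result would crash the same way store_generic did, so the callers are worth auditing. I would add a sentence such as `Returns NULL if value is NULL.` to that comment, and write the guard's body as `return NULL;` rather than `return value;` so the intent is explicit. The function body continues past the end of the hunk, so the remaining return paths are not visible here.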
index 2b909ef..596df72 100644 (file)
@@ -479,7 +479,7 @@ store_generic(CT ct)
        if (autosw && ct->c_type != CT_MESSAGE) {
                /* First check for "filename" in Content-Disposition header */
                filename = extract_name_value("filename", ct->c_dispo);
-               if (strcmp(filename, ct->c_dispo)!=0) {
+               if (filename && strcmp(filename, ct->c_dispo)!=0) {
                        /* We found "filename" */
                        cp = mhbasename(filename);
                        if (*cp && *cp!='.' && *cp!='|' && *cp!='!' &&
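Review bot: The `filename &&` guard on the strcmp line depends on an unstated property: extract_name_value returns NULL when ct->c_dispo is NULL, so ct->c_dispo is safe to pass to strcmp whenever filename is non-NULL. A short comment above the condition would keep a later change from breaking that, e.g. `/* filename is NULL when the part has no Content-Disposition header */`. Because filename is taken from a header of the message being stored, the mhbasename call and the leading-character checks that follow act as the sanitisation of an untrusted name. That condition and the rest of store_generic continue outside the hunk, so their completeness cannot be judged from here.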