@@ -1,3 +1,9 @@

+Sat Jun 18 14:24:54 BST 2005 (njh)

+----------------------------------

+  * libclamav/mbox.c:	Harden the test for the start of a new message in mbox,

+		based on a suggestion by "Andrey J. Melnikoff (TEMHOTA)"

+		<temnota at kmv.ru>

+

 Sat Jun 18 02:22:26 CEST 2005 (tk)

 ----------------------------------

   * libclamav/mspack/cabd.c: fix possible infinite loop

@@ -23,7 +29,7 @@ Sun Jun 12 11:24:59 CEST 2005 (tk)

 Wed Jun  8 16:01:22 CEST 2005 (tk)

 ----------------------------------

   * libclamav/zziplib/zzip-file.c: add method id for AES encrypted archives

-    (thanks to David Majorel <dm*lagoon.nc>). 

+    (thanks to David Majorel <dm*lagoon.nc>).

 Wed Jun  8 15:37:34 CEST 2005 (tk)

 ----------------------------------

@@ -15,7 +15,7 @@

  *  along with this program; if not, write to the Free Software

  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

  */

-static	char	const	rcsid[] = "$Id: mbox.c,v 1.247 2005/06/01 15:01:44 nigelhorne Exp $";

+static	char	const	rcsid[] = "$Id: mbox.c,v 1.248 2005/06/18 13:23:42 nigelhorne Exp $";

 #if HAVE_CONFIG_H

 #include "clamav-config.h"

@@ -811,7 +811,7 @@ cli_parse_mbox(const char *dir, int desc, unsigned int options)

 	 * message is stopped, and giving a better indication of which message

 	 * within the mailbox is infected

 	 */

-	if(strncmp(buffer, "From ", 5) == 0) {

+	if((strncmp(buffer, "From ", 5) == 0) && isalnum(buffer[5])) {

 		/*

 		 * Have been asked to check a UNIX style mbox file, which

 		 * may contain more than one e-mail message to decode

@@ -850,7 +850,7 @@ cli_parse_mbox(const char *dir, int desc, unsigned int options)

 		do {

 			cli_chomp(buffer);

-			if(lastLineWasEmpty && (strncmp(buffer, "From ", 5) == 0)) {

+			if(lastLineWasEmpty && (strncmp(buffer, "From ", 5) == 0) && isalnum(buffer[5])) {

 				cli_dbgmsg("Deal with email number %d\n", messagenumber++);

 				/*

 				 * End of a message in the mail box