@@ -1,3 +1,8 @@

+Sun Jul 30 11:09:22 BST 2006 (njh)

+----------------------------------

+  * libclamav/mbox.c:	Fixed (remote possibility) memory leak, reported

+				by Torok Edvin <edwintorok*gmail.com>

+

 Sun Jul 30 08:35:49 BST 2006 (njh)

 ---------------------------------

   * docs/man/clamav-milter.8:	Fix formatting errors and a typo

@@ -134,7 +139,7 @@ Mon Jul 17 11:40:14 CEST 2006 (tk)

 Mon Jul 17 03:00:21 CEST 2006 (acab)

 ------------------------------------

-  * libclamav/wwunpack.c: image size fixup 

+  * libclamav/wwunpack.c: image size fixup

 Mon Jul 17 01:17:40 CEST 2006 (acab)

 ------------------------------------

@@ -748,7 +753,7 @@ Fri Jan 14 14:51:01 CET 2006 (acab)

 ---------------------------------

   * libclamav: added yC support

 		thanks a lot to Ivan Zlatev <pumqara*gmail.com>

-  

+

 Fri Jan 13 14:53:45 CET 2006 (tk)

 ---------------------------------

   * libclamav/vba_extract.c: fix possible memory leak, reported by  Cesar

@@ -940,7 +945,7 @@ Sun Oct 30 18:46:36 CET 2005 (tk)

 Mon Oct 24 12:29:31 CEST 2005 (acab)

 ------------------------------------

-  * libclamav/pe.c: fixed possible infinite loop, reported by Christoph 

+  * libclamav/pe.c: fixed possible infinite loop, reported by Christoph

 Thu Oct 20 00:54:13 CEST 2005 (tk)

 ----------------------------------

@@ -16,7 +16,7 @@

  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

  *  MA 02110-1301, USA.

  */

-static	char	const	rcsid[] = "$Id: mbox.c,v 1.325 2006/07/25 15:09:45 njh Exp $";

+static	char	const	rcsid[] = "$Id: mbox.c,v 1.326 2006/07/30 10:08:39 njh Exp $";

 #if HAVE_CONFIG_H

 #include "clamav-config.h"

@@ -2388,8 +2388,13 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx)

 			cli_dbgmsg("The message has %d parts\n", multiparts);

 			if(((multiparts == 0) || infected) && (aText == NULL)) {

-				if(messages)

+				if(messages) {

+					for(i = 0; i < multiparts; i++)

+						if(messages[i])

+							messageDestroy(messages[i]);

 					free(messages);

+				}

+

 				/*

 				 * FIXME: we could return 2 here when we have

 				 * saved stuff earlier

@@ -2675,8 +2680,11 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx)

 			break;

 		}

-		if(messages)

+		if(messages) {

+			/* "can't happen" */

+			cli_warnmsg("messages != NULL, report to bugs@clamav.net\n");

 			free(messages);

+		}

 	}

 	if(aText && (textIn == NULL)) {

@@ -4423,10 +4431,8 @@ do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx

 			messages[i] = NULL;

 #else

 			/*

-			 * Scan in memory, faster but

-			 * is open to DoS attacks when

-			 * many nested levels are

-			 * involved.

+			 * Scan in memory, faster but is open to DoS attacks

+			 * when many nested levels are involved.

 			 */

 			body = parseEmailHeaders(aMessage, mctx->rfc821Table,

 				TRUE);

@@ -4533,8 +4539,7 @@ next_is_folded_header(const text *t)

 	data = lineGetData(next->t_line);

 	/*

-	 * Section B.2 of RFC822 says TAB or

-	 * SPACE means a continuation of the

+	 * Section B.2 of RFC822 says TAB or SPACE means a continuation of the

 	 * previous entry.

 	 */

 	if(isblank(data[0]))