Recalculate maildirsize data if either of the totals comes out negative,

as this indicates a broken file.

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f76f22a324db436c329bab80a36f47443774394e..3be581e3a8be42429b82594b76ab9c7c3c00d05a 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.23 2004/11/11 16:03:47 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.24 2004/11/12 11:28:15 ph10 Exp $

 
 Change log file for Exim from version 4.21
 -------------------------------------------
 
 Change log file for Exim from version 4.21
 -------------------------------------------


@@ -94,6 +94,11 @@ Exim version 4.44
     SIGCHLD signals. This is not a major problem, because they are used only to
     wake it up if nothing else does.
 
     SIGCHLD signals. This is not a major problem, because they are used only to
     wake it up if nothing else does.
 

+26. A malformed maildirsize file could cause Exim to calculate negative values
+    for the mailbox size or file count. Odd effects could occur as a result.
+    The maildirsize information is now recalculated if the size or filecount
+    end up negative.
+

 
 Exim version 4.43
 -----------------
 
 Exim version 4.43
 -----------------

diff --git a/src/src/transports/tf_maildir.c b/src/src/transports/tf_maildir.c
index bf0aa1572cbad5aa8ff55457f04f90dd6784d6ed..f18c9167186e6975cb77f4eae0745f7bb1d63339 100644 (file)
--- a/src/src/transports/tf_maildir.c
+++ b/src/src/transports/tf_maildir.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/transports/tf_maildir.c,v 1.1 2004/10/07 13:10:02 ph10 Exp $ */
+/* $Cambridge: exim/src/src/transports/tf_maildir.c,v 1.2 2004/11/12 11:28:15 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -430,10 +430,19 @@ while (*endptr++ == '\n')
 /* If *endptr is zero, we have successfully parsed the file, and we now have
 the size of the mailbox as cached in the file. The "rules" say that if this
 value indicates that the mailbox is over quota, we must recalculate if there is
 /* If *endptr is zero, we have successfully parsed the file, and we now have
 the size of the mailbox as cached in the file. The "rules" say that if this
 value indicates that the mailbox is over quota, we must recalculate if there is

-more than one entry in the file, or if the file is older than 15 minutes. */
+more than one entry in the file, or if the file is older than 15 minutes. Also,
+just in case there are weird values in the file, recalculate if either of the
+values is negative. */

 
 if (*endptr == 0)
   {
 
 if (*endptr == 0)
   {

+  if (size < 0 || filecount < 0) 
+    {
+    DEBUG(D_transport) debug_printf("negative value in maildirsize "
+      "(size=%d count=%d): recalculating\n", size, filecount); 
+    goto RECALCULATE; 
+    } 
+ 

   if (ob->quota_value > 0 &&
       (size + (ob->quota_is_inclusive? message_size : 0) > ob->quota_value ||
         (ob->quota_filecount_value > 0 &&
   if (ob->quota_value > 0 &&
       (size + (ob->quota_is_inclusive? message_size : 0) > ob->quota_value ||
         (ob->quota_filecount_value > 0 &&


@@ -444,7 +453,7 @@ if (*endptr == 0)
     struct stat statbuf;
     if (linecount > 1)
       {
     struct stat statbuf;
     if (linecount > 1)
       {

-      DEBUG(D_transport) debug_printf("over quota and maildirsizefile has "
+      DEBUG(D_transport) debug_printf("over quota and maildirsize has "

         "more than 1 entry: recalculating\n");
       goto RECALCULATE;
       }
         "more than 1 entry: recalculating\n");
       goto RECALCULATE;
       }