Patch: Escape character troubles  (ITS#1753)

			================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

maildap could address buf[-1] if len was < 2.

REWRITE_SUBMATCH_ESCAPE is '%', not '\'.

librewrite and saslautz could walk past the end of a string which
ended with an escape character.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.


diff -u2 -r clients/maildap/main.c~ clients/maildap/main.c
--- clients/maildap/main.c~	Fri Jan  4 21:17:30 2002
+++ clients/maildap/main.c	Sun Apr 14 12:09:18 2002
@@ -440,5 +440,5 @@
 		if ( strspn( buf, " \t\n" ) == len )
 			continue;
-		if ( buf[len-2] == '\\' ) {
+		if ( len >= 2 && buf[len-2] == '\\' ) {
 			pos = len - 2;
 			room = sizeof(buf) - pos;
diff -u2 -r libraries/librewrite/subst.c~ libraries/librewrite/subst.c
--- libraries/librewrite/subst.c~	Mon Apr  8 11:50:53 2002
+++ libraries/librewrite/subst.c	Sun Apr 14 14:28:47 2002
@@ -54,5 +54,5 @@
 		
 		/*
-		 * Keep only single escapes '\'
+		 * Keep only single escapes '%'
 		 */
 		if ( p[ 0 ] != REWRITE_SUBMATCH_ESCAPE ) {
diff -u2 -r libraries/librewrite/map.c~ libraries/librewrite/map.c
--- libraries/librewrite/map.c~	Mon Apr  8 11:50:53 2002
+++ libraries/librewrite/map.c	Sun Apr 14 14:27:11 2002
@@ -246,10 +246,10 @@
 		if ( p[ 0 ] == REWRITE_SUBMATCH_ESCAPE ) {
 			/*
-			 * '\' marks the beginning of a new map
+			 * '%' marks the beginning of a new map
 			 */
 			if ( p[ 1 ] == '{' ) {
 				cnt++;
 			/*
-			 * '\' followed by a digit may mark the beginning
+			 * '%' followed by a digit may mark the beginning
 			 * of an old map
 			 */
@@ -258,5 +258,6 @@
 				p++;
 			}
-			p++;
+			if ( p[ 1 ] != '\0' )
+				p++;
 		} else if ( p[ 0 ] == '}' ) {
 			cnt--;
diff -u2 -r libraries/librewrite/parse.c~ libraries/librewrite/parse.c
--- libraries/librewrite/parse.c~	Mon Apr  8 11:50:53 2002
+++ libraries/librewrite/parse.c	Sun Apr 14 13:57:32 2002
@@ -46,5 +46,5 @@
 	
 	for ( begin = p;  p[ 0 ] != '\0'; p++ ) {
-		if ( p[ 0 ] == '\\' ) {
+		if ( p[ 0 ] == '\\' && p[ 1 ] != '\0' ) {
 			p++;
 		} else if ( p[ 0 ] == '\'' || p[ 0 ] == '\"') {
diff -u2 -r servers/slapd/saslauthz.c~ servers/slapd/saslauthz.c
--- servers/slapd/saslauthz.c~	Fri Apr 12 10:42:21 2002
+++ servers/slapd/saslauthz.c	Sun Apr 14 14:34:18 2002
@@ -165,5 +165,5 @@
 	n = 1;
 	for ( c = reg->sr_replace;	 *c;  c++ ) {
-		if ( *c == '\\' ) {
+		if ( *c == '\\' && c[1] ) {
 			c++;
 			continue;