File cyrus-imapd-2.4.18-CVE-2015-8078.patch of Package cyrus-imapd

From 0142e98fa90f02a030f93469523ac64f91ae7a9f Mon Sep 17 00:00:00 2001
From: ellie timoney <ellie@fastmail.com>
Date: Mon, 26 Oct 2015 16:21:01 +1100
Subject: urlfetch: and the other bit


diff --git a/imap/index.c b/imap/index.c
index 566a983..6216f02 100644
--- a/imap/index.c
+++ b/imap/index.c
@@ -2807,7 +2807,8 @@ int index_urlfetch(struct index_state *state, uint32_t msgno,
         size_t section_offset = CACHE_ITEM_BIT32(cacheitem);
         size_t section_size = CACHE_ITEM_BIT32(cacheitem + CACHE_ITEM_SIZE_SKIP);
 
-        if (section_offset + section_size > size) {
+        if (section_offset + section_size < section_offset
+            || section_offset + section_size > size) {
             r = IMAP_INTERNAL;
             goto done;
         }
-- 
cgit v0.10.2