diff -uNrp bogofilter-1.2.2.base64/src/iconvert.c bogofilter-1.2.2/src/iconvert.c --- bogofilter-1.2.2.base64/src/iconvert.c 2010-03-14 20:08:11.000000000 -0400 +++ bogofilter-1.2.2/src/iconvert.c 2012-12-13 10:06:56.603529996 -0500 @@ -76,7 +76,7 @@ static void convert(iconv_t xd, buff_t * outbuf = (char *)dst->t.u.text + dst->t.leng; outbytesleft = dst->size - dst->read - dst->t.leng; - if (outbytesleft == 0) + if (outbytesleft <= 0) break; /* @@ -141,6 +141,10 @@ static void convert(iconv_t xd, buff_t * switch (err) { case EILSEQ: /* invalid multibyte sequence */ case EINVAL: /* incomplete multibyte sequence */ + if(outbytesleft <= 0) { + done = true; + break; + } /* copy 1 byte (or substitute a '?') */ if (!replace_nonascii_characters) *outbuf = *inbuf; diff -uNrp bogofilter-1.2.2.base64/src/tests/Makefile.am bogofilter-1.2.2/src/tests/Makefile.am --- bogofilter-1.2.2.base64/src/tests/Makefile.am 2010-07-05 07:26:36.000000000 -0400 +++ bogofilter-1.2.2/src/tests/Makefile.am 2012-12-13 10:07:07.893536640 -0500 @@ -45,6 +45,7 @@ PARSING_TESTS = \ t.multiple.tokens.head t.multiple.tokens.body t.multiple.tokens.min.mul \ $(ENCODING_TESTS) \ t.rfc2047_broken t.rfc2047_folded \ + t.crash-invalid-base64 \ t.message_addr t.message_id t.queue_id WORDLIST_TESTS = t.dump.load t.nonascii.replace t.maint t.robx t.regtest t.upgrade.subnet.prefix t.multiple.wordlists t.probe t.bf_compact diff -uNrp bogofilter-1.2.2.base64/src/tests/t.crash-invalid-base64 bogofilter-1.2.2/src/tests/t.crash-invalid-base64 --- bogofilter-1.2.2.base64/src/tests/t.crash-invalid-base64 1969-12-31 19:00:00.000000000 -0500 +++ bogofilter-1.2.2/src/tests/t.crash-invalid-base64 2012-12-13 10:07:23.733544561 -0500 @@ -0,0 +1,21 @@ +#! /bin/sh + +. ${srcdir:=.}/t.frame + +# make sure that we do not crash on excessively long tokens +# Test program by Julius Plenz, TU Berlin. +perl -e ' +print < /dev/null