From 296ce19306f9c9d4358b3a1adc012405efc6c70a Mon Sep 17 00:00:00 2001
From: Vincent Richard <vincent@vincent-richard.net>
Date: Mon, 28 Nov 2005 12:17:47 +0000
Subject: [PATCH] Fixed buffer overrun in random::getString().

---
 ChangeLog              | 3 +++
 src/utility/random.cpp | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 5899982c..ab536d02 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,9 @@ VERSION 0.8.1cvs
  * maildirUtils.cpp: fixed problem with ':' in filename on Windows
    platform (thanks to Benjamin Biron).
 
+ * random.cpp: fixed buffer overrun in random::getString (thanks
+   to Benjamin Biron).
+
 2005-11-07  Vincent Richard  <vincent@vincent-richard.net>
 
  * SMTPTransport.cpp: fixed bug in disconnect() when authentication is
diff --git a/src/utility/random.cpp b/src/utility/random.cpp
index 882b4ab9..9b505cef 100644
--- a/src/utility/random.cpp
+++ b/src/utility/random.cpp
@@ -65,7 +65,7 @@ const string random::getString(const int length, const string& randomChars)
 
 	while (c < length)
 	{
-		for (unsigned int n = random::getNext() ; n != 0 ; n /= x)
+		for (unsigned int n = random::getNext() ; n != 0 && c < length ; n /= x)
 		{
 			res[c++] = randomChars[n % x];
 		}