From bb42e90b94a6cc58ccfe8c575fcd04cce35b7b34 Mon Sep 17 00:00:00 2001
From: rswindell <>
Date: Sat, 12 Nov 2016 01:34:01 +0000
Subject: [PATCH] smb_updatethread() now sets the MSG_REPLIED attribute for the
 message being replied to. This may be used later for thread loading
 optimization (no need to load headers if there are no replies) - but for now,
 at least there will be a "Replied" attr value displayed in the message header
 indicating that the message was replied to. This attribute was previously
 only used in the "mail" base (for personal email/netmail).

Also, I think I fixed what could have been an infinite loop if there was SMB
corruption: if a message's thread_next value pointed back (to an earlier
message, with a lower message number), we could have been caught in an
infinite loop looking for the last message in the thread. This is just a
theoretical problem and never reported, but apparently possible with just
the right kind of corruption of the msgbase header.
---
 src/smblib/smblib.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/smblib/smblib.c b/src/smblib/smblib.c
index 08fc4ea9f2..a0b7e893f3 100644
--- a/src/smblib/smblib.c
+++ b/src/smblib/smblib.c
@@ -1940,6 +1940,7 @@ int SMBCALL smb_updatethread(smb_t* smb, smbmsg_t* remsg, ulong newmsgnum)
 			return(retval);
 
 		remsg->hdr.thread_first=newmsgnum;
+		remsg->hdr.attr |= MSG_REPLIED;
 		retval=smb_putmsghdr(smb,remsg);
 		smb_unlockmsghdr(smb,remsg);
 		return(retval);
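Review bot: MSG_REPLIED is set only on this path, which appears to be the one taken when remsg has no replies yet (thread_first is being assigned); the chain-walking path in the next hunk does not touch `remsg->hdr.attr`. Messages that already had replies before this commit would therefore keep thread_first set without the flag. The thread-loading optimization mentioned in the description could then not treat a missing MSG_REPLIED as "no replies" without a fallback to thread_first or a one-time fix-up of existing bases. A comment on the added line would record that, e.g. `/* advisory only: older msgs may have thread_first set without MSG_REPLIED */`. The enclosing conditional starts outside the hunk.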
@@ -1949,7 +1950,7 @@ int SMBCALL smb_updatethread(smb_t* smb, smbmsg_t* remsg, ulong newmsgnum)
 	memset(&nextmsg,0,sizeof(nextmsg));
 	nextmsgnum=remsg->hdr.thread_first;	/* start with first reply */
 
-	while(1) {
+	while(nextmsgnum > nextmsg.hdr.number) {
 		nextmsg.idx.offset=0;
 		nextmsg.hdr.number=nextmsgnum;
 		if(smb_getmsgidx(smb, &nextmsg)!=SMB_SUCCESS) /* invalid thread origin */
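Review bot: The new loop condition ends the walk when thread_next does not point strictly forward, but nothing visible in the hunk reports that to the caller; whatever follows the loop presumably runs as if the end of the thread had been reached normally. If so, a corrupted chain is accepted silently and the new message may be left unlinked or linked at the wrong place, so consider returning a distinct error and recording the reason in the handle's error text when the loop exits this way. The test also relies on `nextmsg.hdr.number` still holding the current message's number at the top of each iteration (it is 0 from the memset on entry), which deserves a comment such as `/* thread_next must be > current msg number; anything else is msgbase corruption */`. The loop body and the code after it are outside the hunk.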
-- 
GitLab