dovecot/dovecot-2.2-80ed82a93c1a.patch
2015-02-05 16:50:58 +01:00

451 lines
15 KiB
Diff

# HG changeset patch
# User Timo Sirainen <tss@iki.fi>
# Date 1416386277 -32400
# Node ID 80ed82a93c1af5f6885e75a34007eb52d0692a8d
# Parent 31262a892ba7302bfea6e70e17d3acd468736d70
mbox: Added more (and earlier) detection for errors in mbox istreams.
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/istream-raw-mbox.c
--- a/src/lib-storage/index/mbox/istream-raw-mbox.c Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/istream-raw-mbox.c Wed Nov 19 17:37:57 2014 +0900
@@ -506,7 +506,8 @@
return rstream->from_offset;
}
-uoff_t istream_raw_mbox_get_header_offset(struct istream *stream)
+int istream_raw_mbox_get_header_offset(struct istream *stream,
+ uoff_t *hdr_offset_r)
{
struct raw_mbox_istream *rstream =
(struct raw_mbox_istream *)stream->real_stream;
@@ -520,13 +521,17 @@
i_error("Unexpectedly lost From-line from mbox file %s at "
"%"PRIuUOFF_T, i_stream_get_name(stream),
rstream->from_offset);
- return (uoff_t)-1;
+ return -1;
}
+ if (stream->stream_errno != 0)
+ return -1;
- return rstream->hdr_offset;
+ *hdr_offset_r = rstream->hdr_offset;
+ return 0;
}
-uoff_t istream_raw_mbox_get_body_offset(struct istream *stream)
+int istream_raw_mbox_get_body_offset(struct istream *stream,
+ uoff_t *body_offset_r)
{
struct raw_mbox_istream *rstream =
(struct raw_mbox_istream *)stream->real_stream;
@@ -534,8 +539,10 @@
i_assert(rstream->seeked);
- if (rstream->body_offset != (uoff_t)-1)
- return rstream->body_offset;
+ if (rstream->body_offset != (uoff_t)-1) {
+ *body_offset_r = rstream->body_offset;
+ return 0;
+ }
offset = stream->v_offset;
i_stream_seek(stream, rstream->hdr_offset);
@@ -551,27 +558,30 @@
} else {
i_assert(rstream->body_offset != (uoff_t)-1);
}
- break;
+ return -1;
}
}
i_stream_seek(stream, offset);
- return rstream->body_offset;
+ *body_offset_r = rstream->body_offset;
+ return 0;
}
-uoff_t istream_raw_mbox_get_body_size(struct istream *stream,
- uoff_t expected_body_size)
+int istream_raw_mbox_get_body_size(struct istream *stream,
+ uoff_t expected_body_size,
+ uoff_t *body_size_r)
{
struct raw_mbox_istream *rstream =
(struct raw_mbox_istream *)stream->real_stream;
const unsigned char *data;
size_t size;
- uoff_t old_offset, body_size, next_body_offset;
+ uoff_t old_offset, body_offset, body_size, next_body_offset;
i_assert(rstream->seeked);
i_assert(rstream->hdr_offset != (uoff_t)-1);
- (void)istream_raw_mbox_get_body_offset(stream);
+ if (istream_raw_mbox_get_body_offset(stream, &body_offset) < 0)
+ return -1;
body_size = rstream->mail_size == (uoff_t)-1 ? (uoff_t)-1 :
rstream->mail_size - (rstream->body_offset -
rstream->hdr_offset);
@@ -580,8 +590,10 @@
/* if we already have the existing body size, use it as long as
it's >= expected body_size. otherwise the previous parsing
may have stopped at a From_-line that belongs to the body. */
- if (body_size != (uoff_t)-1 && body_size >= expected_body_size)
- return body_size;
+ if (body_size != (uoff_t)-1 && body_size >= expected_body_size) {
+ *body_size_r = body_size;
+ return 0;
+ }
next_body_offset = rstream->body_offset + expected_body_size;
/* If header_missing_eoh is set, the message body begins with
@@ -600,21 +612,27 @@
rstream->mail_size =
next_body_offset - rstream->hdr_offset;
i_stream_seek(stream, old_offset);
- return expected_body_size;
+ *body_size_r = expected_body_size;
+ return 0;
}
/* invalid expected_body_size */
}
- if (body_size != (uoff_t)-1)
- return body_size;
+ if (body_size != (uoff_t)-1) {
+ *body_size_r = body_size;
+ return 0;
+ }
/* have to read through the message body */
while (i_stream_read_data(stream, &data, &size, 0) > 0)
i_stream_skip(stream, size);
i_stream_seek(stream, old_offset);
+ if (stream->stream_errno != 0)
+ return -1;
i_assert(rstream->mail_size != (uoff_t)-1);
- return rstream->mail_size -
+ *body_size_r = rstream->mail_size -
(rstream->body_offset - rstream->hdr_offset);
+ return 0;
}
time_t istream_raw_mbox_get_received_time(struct istream *stream)
@@ -651,13 +669,15 @@
return rstream->crlf_ending;
}
-void istream_raw_mbox_next(struct istream *stream, uoff_t expected_body_size)
+int istream_raw_mbox_next(struct istream *stream, uoff_t expected_body_size)
{
struct raw_mbox_istream *rstream =
(struct raw_mbox_istream *)stream->real_stream;
uoff_t body_size;
- body_size = istream_raw_mbox_get_body_size(stream, expected_body_size);
+ if (istream_raw_mbox_get_body_size(stream, expected_body_size,
+ &body_size) < 0)
+ return -1;
rstream->mail_size = (uoff_t)-1;
rstream->received_time = rstream->next_received_time;
@@ -678,6 +698,7 @@
rstream->eof = FALSE;
rstream->istream.istream.eof = FALSE;
+ return 0;
}
int istream_raw_mbox_seek(struct istream *stream, uoff_t offset)
@@ -698,10 +719,8 @@
/* if seeked is FALSE, we unlocked in the middle. don't try to use
any cached state then. */
if (rstream->mail_size != (uoff_t)-1 && rstream->seeked &&
- rstream->hdr_offset + rstream->mail_size == offset) {
- istream_raw_mbox_next(stream, (uoff_t)-1);
- return 0;
- }
+ rstream->hdr_offset + rstream->mail_size == offset)
+ return istream_raw_mbox_next(stream, (uoff_t)-1);
if (offset == rstream->from_offset && rstream->seeked) {
/* back to beginning of current message */
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/istream-raw-mbox.h
--- a/src/lib-storage/index/mbox/istream-raw-mbox.h Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/istream-raw-mbox.h Wed Nov 19 17:37:57 2014 +0900
@@ -9,15 +9,18 @@
/* Return offset to beginning of the "\nFrom"-line. */
uoff_t istream_raw_mbox_get_start_offset(struct istream *stream);
/* Return offset to beginning of the headers. */
-uoff_t istream_raw_mbox_get_header_offset(struct istream *stream);
+int istream_raw_mbox_get_header_offset(struct istream *stream,
+ uoff_t *hdr_offset_r);
/* Return offset to beginning of the body. */
-uoff_t istream_raw_mbox_get_body_offset(struct istream *stream);
+int istream_raw_mbox_get_body_offset(struct istream *stream,
+ uoff_t *body_offset_r);
/* Return the number of bytes in the body of this message. If
expected_body_size isn't (uoff_t)-1, we'll use it as potentially valid body
size to avoid actually reading through the whole message. */
-uoff_t istream_raw_mbox_get_body_size(struct istream *stream,
- uoff_t expected_body_size);
+int istream_raw_mbox_get_body_size(struct istream *stream,
+ uoff_t expected_body_size,
+ uoff_t *body_size_r);
/* Return received time of current message, or (time_t)-1 if the timestamp is
broken. */
@@ -30,7 +33,7 @@
/* Jump to next message. If expected_body_size isn't (uoff_t)-1, we'll use it
as potentially valid body size. */
-void istream_raw_mbox_next(struct istream *stream, uoff_t expected_body_size);
+int istream_raw_mbox_next(struct istream *stream, uoff_t expected_body_size);
/* Seek to message at given offset. offset must point to beginning of
"\nFrom ", or 0 for beginning of file. Returns -1 if it offset doesn't
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/mbox-mail.c
--- a/src/lib-storage/index/mbox/mbox-mail.c Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/mbox-mail.c Wed Nov 19 17:37:57 2014 +0900
@@ -304,10 +304,10 @@
return -1;
/* our header size varies, so don't do any caching */
- body_offset = istream_raw_mbox_get_body_offset(mbox->mbox_stream);
- if (body_offset == (uoff_t)-1) {
+ if (istream_raw_mbox_get_body_offset(mbox->mbox_stream, &body_offset) < 0) {
mail_storage_set_critical(_mail->box->storage,
- "Couldn't get mbox size");
+ "mbox %s: Couldn't get body offset for uid=%u",
+ mailbox_get_path(&mbox->box), mail->mail.mail.uid);
return -1;
}
@@ -319,8 +319,13 @@
body_size = (uoff_t)-1;
/* verify that the calculated body size is correct */
- body_size = istream_raw_mbox_get_body_size(mbox->mbox_stream,
- body_size);
+ if (istream_raw_mbox_get_body_size(mbox->mbox_stream,
+ body_size, &body_size) < 0) {
+ mail_storage_set_critical(_mail->box->storage,
+ "mbox %s: Couldn't get body size for uid=%u",
+ mailbox_get_path(&mbox->box), mail->mail.mail.uid);
+ return -1;
+ }
data->physical_size = hdr_size.physical_size + body_size;
*size_r = data->physical_size;
@@ -352,7 +357,12 @@
}
raw_stream = mbox->mbox_stream;
- hdr_offset = istream_raw_mbox_get_header_offset(raw_stream);
+ if (istream_raw_mbox_get_header_offset(raw_stream, &hdr_offset) < 0) {
+ mail_storage_set_critical(mbox->box.storage,
+ "mbox %s: Couldn't get header offset for uid=%u",
+ mailbox_get_path(&mbox->box), mail->mail.mail.uid);
+ return -1;
+ }
i_stream_seek(raw_stream, hdr_offset);
if (next_offset != (uoff_t)-1)
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/mbox-sync-parse.c
--- a/src/lib-storage/index/mbox/mbox-sync-parse.c Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/mbox-sync-parse.c Wed Nov 19 17:37:57 2014 +0900
@@ -453,8 +453,8 @@
return strcasecmp(key, func->header);
}
-void mbox_sync_parse_next_mail(struct istream *input,
- struct mbox_sync_mail_context *ctx)
+int mbox_sync_parse_next_mail(struct istream *input,
+ struct mbox_sync_mail_context *ctx)
{
struct mbox_sync_context *sync_ctx = ctx->sync_ctx;
struct message_header_parser_ctx *hdr_ctx;
@@ -545,6 +545,12 @@
}
ctx->body_offset = input->v_offset;
+ if (input->stream_errno != 0) {
+ mbox_sync_set_critical(ctx->sync_ctx, "read(%s) failed: %s",
+ i_stream_get_name(input), i_stream_get_error(input));
+ return -1;
+ }
+ return 0;
}
bool mbox_sync_parse_match_mail(struct mbox_mailbox *mbox,
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/mbox-sync-private.h
--- a/src/lib-storage/index/mbox/mbox-sync-private.h Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/mbox-sync-private.h Wed Nov 19 17:37:57 2014 +0900
@@ -158,8 +158,8 @@
void mbox_sync_set_critical(struct mbox_sync_context *sync_ctx,
const char *fmt, ...) ATTR_FORMAT(2, 3);
-void mbox_sync_parse_next_mail(struct istream *input,
- struct mbox_sync_mail_context *ctx);
+int mbox_sync_parse_next_mail(struct istream *input,
+ struct mbox_sync_mail_context *ctx);
bool mbox_sync_parse_match_mail(struct mbox_mailbox *mbox,
struct mail_index_view *view, uint32_t seq);
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/mbox-sync-rewrite.c
--- a/src/lib-storage/index/mbox/mbox-sync-rewrite.c Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/mbox-sync-rewrite.c Wed Nov 19 17:37:57 2014 +0900
@@ -318,11 +318,11 @@
return 1;
}
-static void mbox_sync_read_next(struct mbox_sync_context *sync_ctx,
- struct mbox_sync_mail_context *mail_ctx,
- struct mbox_sync_mail *mails,
- uint32_t seq, uint32_t idx,
- uoff_t expunged_space)
+static int mbox_sync_read_next(struct mbox_sync_context *sync_ctx,
+ struct mbox_sync_mail_context *mail_ctx,
+ struct mbox_sync_mail *mails,
+ uint32_t seq, uint32_t idx,
+ uoff_t expunged_space)
{
unsigned int first_mail_expunge_extra;
uint32_t orig_next_uid;
@@ -332,8 +332,12 @@
mail_ctx->seq = seq;
mail_ctx->header = sync_ctx->header;
- mail_ctx->mail.offset =
- istream_raw_mbox_get_header_offset(sync_ctx->input);
+ if (istream_raw_mbox_get_header_offset(sync_ctx->input,
+ &mail_ctx->mail.offset) < 0) {
+ mbox_sync_set_critical(sync_ctx,
+ "Couldn't get header offset for seq=%u", seq);
+ return -1;
+ }
mail_ctx->mail.body_size = mails[idx].body_size;
orig_next_uid = sync_ctx->next_uid;
@@ -361,7 +365,8 @@
mails[idx].from_offset += first_mail_expunge_extra;
}
- mbox_sync_parse_next_mail(sync_ctx->input, mail_ctx);
+ if (mbox_sync_parse_next_mail(sync_ctx->input, mail_ctx) < 0)
+ return -1;
i_assert(mail_ctx->mail.pseudo == mails[idx].pseudo);
/* set next_uid back before updating the headers. this is important
@@ -381,6 +386,7 @@
if (mail_ctx->have_eoh)
str_append_c(mail_ctx->header, '\n');
}
+ return 0;
}
static int mbox_sync_read_and_move(struct mbox_sync_context *sync_ctx,
@@ -398,8 +404,9 @@
if (mbox_sync_seek(sync_ctx, mails[idx].from_offset) < 0)
return -1;
- mbox_sync_read_next(sync_ctx, &new_mail_ctx, mails, seq, idx,
- expunged_space);
+ if (mbox_sync_read_next(sync_ctx, &new_mail_ctx, mails, seq, idx,
+ expunged_space) < 0)
+ return -1;
mail_ctx = &new_mail_ctx;
} else {
i_assert(seq == mail_ctx->seq);
diff -r 31262a892ba7 -r 80ed82a93c1a src/lib-storage/index/mbox/mbox-sync.c
--- a/src/lib-storage/index/mbox/mbox-sync.c Wed Nov 19 17:37:18 2014 +0900
+++ b/src/lib-storage/index/mbox/mbox-sync.c Wed Nov 19 17:37:57 2014 +0900
@@ -131,8 +131,10 @@
mbox_sync_read_next_mail(struct mbox_sync_context *sync_ctx,
struct mbox_sync_mail_context *mail_ctx)
{
+ uoff_t offset;
+
/* get EOF */
- (void)istream_raw_mbox_get_header_offset(sync_ctx->input);
+ (void)istream_raw_mbox_get_header_offset(sync_ctx->input, &offset);
if (istream_raw_mbox_is_eof(sync_ctx->input))
return 0;
@@ -144,19 +146,27 @@
mail_ctx->mail.from_offset =
istream_raw_mbox_get_start_offset(sync_ctx->input);
- mail_ctx->mail.offset =
- istream_raw_mbox_get_header_offset(sync_ctx->input);
+ if (istream_raw_mbox_get_header_offset(sync_ctx->input, &mail_ctx->mail.offset) < 0) {
+ mbox_sync_set_critical(sync_ctx,
+ "Couldn't get header offset for seq=%u", mail_ctx->seq);
+ return -1;
+ }
- mbox_sync_parse_next_mail(sync_ctx->input, mail_ctx);
+ if (mbox_sync_parse_next_mail(sync_ctx->input, mail_ctx) < 0)
+ return -1;
+ if (istream_raw_mbox_is_corrupted(sync_ctx->input))
+ return -1;
+
i_assert(sync_ctx->input->v_offset != mail_ctx->mail.from_offset ||
sync_ctx->input->eof);
- if (istream_raw_mbox_is_corrupted(sync_ctx->input))
+ if (istream_raw_mbox_get_body_size(sync_ctx->input,
+ mail_ctx->content_length,
+ &mail_ctx->mail.body_size) < 0) {
+ mbox_sync_set_critical(sync_ctx,
+ "Couldn't get body size for seq=%u", mail_ctx->seq);
return -1;
-
- mail_ctx->mail.body_size =
- istream_raw_mbox_get_body_size(sync_ctx->input,
- mail_ctx->content_length);
+ }
i_assert(mail_ctx->mail.body_size < OFF_T_MAX);
if ((mail_ctx->mail.flags & MAIL_RECENT) != 0 &&
@@ -810,7 +820,7 @@
mbox_sync_seek_to_seq(struct mbox_sync_context *sync_ctx, uint32_t seq)
{
struct mbox_mailbox *mbox = sync_ctx->mbox;
- uoff_t old_offset;
+ uoff_t old_offset, offset;
uint32_t uid;
int ret;
bool deleted;
@@ -864,7 +874,11 @@
sync_ctx->idx_seq = seq;
sync_ctx->dest_first_mail = sync_ctx->seq == 0;
- (void)istream_raw_mbox_get_body_offset(sync_ctx->input);
+ if (istream_raw_mbox_get_body_offset(sync_ctx->input, &offset) < 0) {
+ mbox_sync_set_critical(sync_ctx,
+ "Message body offset lookup failed");
+ return -1;
+ }
return 1;
}
@@ -1149,8 +1163,9 @@
sync_ctx->idx_seq++;
}
- istream_raw_mbox_next(sync_ctx->input,
- mail_ctx->mail.body_size);
+ if (istream_raw_mbox_next(sync_ctx->input,
+ mail_ctx->mail.body_size) < 0)
+ return -1;
offset = istream_raw_mbox_get_start_offset(sync_ctx->input);
if (sync_ctx->need_space_seq != 0) {