111 lines
3.3 KiB
Diff
111 lines
3.3 KiB
Diff
From 9d3ecff3de5553159334cf644e996a616dc52670 Mon Sep 17 00:00:00 2001
|
|
From: Timo Sirainen <timo.sirainen@open-xchange.com>
|
|
Date: Mon, 17 Aug 2020 18:22:42 +0300
|
|
Subject: [PATCH] imap-login: Use imap_parser_read_tag() and
|
|
_read_command_name()
|
|
|
|
---
|
|
src/imap-login/imap-login-client.c | 58 ++++++++++++------------------
|
|
1 file changed, 23 insertions(+), 35 deletions(-)
|
|
|
|
diff --git a/src/imap-login/imap-login-client.c b/src/imap-login/imap-login-client.c
|
|
index ce5049d567..b2c8af9cbf 100644
|
|
--- a/src/imap-login/imap-login-client.c
|
|
+++ b/src/imap-login/imap-login-client.c
|
|
@@ -196,7 +196,7 @@ static int client_command_execute(struct imap_client *client, const char *cmd,
|
|
|
|
static bool client_invalid_command(struct imap_client *client)
|
|
{
|
|
- if (*client->cmd_tag == '\0')
|
|
+ if (client->cmd_tag == NULL || *client->cmd_tag == '\0')
|
|
client->cmd_tag = "*";
|
|
if (++client->common.bad_counter >= CLIENT_MAX_BAD_COMMANDS) {
|
|
client_send_reply(&client->common, IMAP_CMD_REPLY_BYE,
|
|
@@ -210,33 +210,6 @@ static bool client_invalid_command(struct imap_client *client)
|
|
return TRUE;
|
|
}
|
|
|
|
-static bool imap_is_valid_tag(const char *tag)
|
|
-{
|
|
- for (; *tag != '\0'; tag++) {
|
|
- switch (*tag) {
|
|
- case '+':
|
|
- /* atom-specials: */
|
|
- case '(':
|
|
- case ')':
|
|
- case '{':
|
|
- case '/':
|
|
- case ' ':
|
|
- /* list-wildcards: */
|
|
- case '%':
|
|
- case '*':
|
|
- /* quoted-specials: */
|
|
- case '"':
|
|
- case '\\':
|
|
- return FALSE;
|
|
- default:
|
|
- if (*tag < ' ') /* CTL */
|
|
- return FALSE;
|
|
- break;
|
|
- }
|
|
- }
|
|
- return TRUE;
|
|
-}
|
|
-
|
|
static int client_parse_command(struct imap_client *client,
|
|
const struct imap_arg **args_r)
|
|
{
|
|
@@ -261,6 +234,9 @@ static int client_parse_command(struct imap_client *client,
|
|
|
|
static bool client_handle_input(struct imap_client *client)
|
|
{
|
|
+ const char *tag, *name;
|
|
+ int ret;
|
|
+
|
|
i_assert(!client->common.authenticating);
|
|
|
|
if (client->cmd_finished) {
|
|
@@ -282,23 +258,35 @@ static bool client_handle_input(struct imap_client *client)
|
|
}
|
|
|
|
if (client->cmd_tag == NULL) {
|
|
- client->cmd_tag = imap_parser_read_word(client->parser);
|
|
- if (client->cmd_tag == NULL)
|
|
+ ret = imap_parser_read_tag(client->parser, &tag);
|
|
+ if (ret == 0)
|
|
return FALSE; /* need more data */
|
|
- if (!imap_is_valid_tag(client->cmd_tag) ||
|
|
- strlen(client->cmd_tag) > IMAP_TAG_MAX_LEN) {
|
|
+ if (ret < 0 || strlen(tag) > IMAP_TAG_MAX_LEN) {
|
|
/* the tag is invalid, don't allow it and don't
|
|
send it back. this attempts to prevent any
|
|
potentially dangerous replies in case someone tries
|
|
to access us using HTTP protocol. */
|
|
- client->cmd_tag = "";
|
|
+ client->skip_line = TRUE;
|
|
+ client->cmd_finished = TRUE;
|
|
+ if (!client_invalid_command(client))
|
|
+ return FALSE;
|
|
+ return client_handle_input(client);
|
|
}
|
|
+ client->cmd_tag = tag;
|
|
}
|
|
|
|
if (client->cmd_name == NULL) {
|
|
- client->cmd_name = imap_parser_read_word(client->parser);
|
|
- if (client->cmd_name == NULL)
|
|
+ ret = imap_parser_read_command_name(client->parser, &name);
|
|
+ if (ret == 0)
|
|
return FALSE; /* need more data */
|
|
+ if (ret < 0) {
|
|
+ client->skip_line = TRUE;
|
|
+ client->cmd_finished = TRUE;
|
|
+ if (!client_invalid_command(client))
|
|
+ return FALSE;
|
|
+ return client_handle_input(client);
|
|
+ }
|
|
+ client->cmd_name = name;
|
|
}
|
|
return client->common.v.input_next_cmd(&client->common);
|
|
}
|