evolution-data-server/evolution-data-server-1.10.1-apop-auth-vulnerability.patch

34 lines
1.0 KiB
Diff

--- evolution-data-server-1.10.1/camel/providers/pop3/camel-pop3-store.c.apop-auth-vulnerability 2007-04-09 08:42:37.000000000 -0400
+++ evolution-data-server-1.10.1/camel/providers/pop3/camel-pop3-store.c 2007-04-30 16:42:12.000000000 -0400
@@ -34,6 +34,7 @@
#include <string.h>
#include <unistd.h>
#include <errno.h>
+#include <ctype.h>
#include "camel-operation.h"
@@ -489,7 +490,21 @@
} else if (strcmp(service->url->authmech, "+APOP") == 0 && store->engine->apop) {
char *secret, md5asc[33], *d;
unsigned char md5sum[16], *s;
-
+
+ d = store->engine->apop;
+
+ while (*d != '\0') {
+ if (!isascii((int)*d)) {
+
+ camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_URL_INVALID,
+ _("Unable to connect to POP server %s: "),
+ CAMEL_SERVICE (store)->url->host);
+
+ return FALSE;
+ }
+ d++;
+ }
+
secret = g_alloca(strlen(store->engine->apop)+strlen(service->url->passwd)+1);
sprintf(secret, "%s%s", store->engine->apop, service->url->passwd);
md5_get_digest(secret, strlen (secret), md5sum);