comparison src/smtp_in.c @ 136:6b78aaced5e1

check max length of addresses in SMTP dialog (based on Paolo's patch). get_address() now returns false if the address was too long.
author meillo@marmaro.de
date Tue, 06 Jul 2010 14:28:08 +0200
parents b072426cc6bb
children
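--- a/src/smtp_in.c
+++ b/src/smtp_in.c
@@ -76,10 +76,11 @@
 
 
 /* this is a quick hack: we expect the address to be syntactically correct
 and containing the mailbox only, though we first check for size in
 smtp_in().
+Return false if address is too long.
 */
 static gboolean
 get_address(gchar * line, gchar * addr)
 {
 gchar *p = line;
@@ -95,14 +96,18 @@
 while (*p && isspace(*p)) {
 p++;
 }
 
 /* get address: */
-while (*p && !isspace(*p) && (q < addr + MAX_ADDRESS - 1)) {
+while (*p && !isspace(*p)) {
+if (q >= addr + MAX_ADDRESS-1) {
+*q = '\0';
+return FALSE;
+}
 *(q++) = *(p++);
 }
-*q = 0;
+*q = '\0';
 
 return TRUE;
 }
 
 static smtp_connection*
@@ -211,28 +216,30 @@
 }
 if (psc->from_seen) {
 smtp_printf(out, "503 MAIL FROM: already given.\r\n");
 break;
 }
-
 if (get_size(buffer, &msize)) {
 DEBUG(5) debugf("smtp_in(): get_size: msize=%ld, conf.mms=%d\n",
 msize, conf.max_msg_size);
 if (conf.max_msg_size && (msize > conf.max_msg_size)) {
 smtp_printf(out, "552 Message size exceeds fixed limit.\r\n");
 break;
 }
 }
+if (!get_address(buffer, buf)) {
+smtp_printf(out, "553 Address too long.\r\n");
+break;
+}
 
 msg = create_message();
 msg->received_host = remote_host ? g_strdup(remote_host) : NULL;
 msg->received_prot = psc->prot;
 msg->ident = ident ? g_strdup(ident) : NULL;
 /* get transfer id and increment for next one */
 msg->transfer_id = (psc->next_id)++;
 
-get_address(buffer, buf);
 if (remote_host) {
 addr = create_address(buf, TRUE);
 } else {
 addr = create_address_qualified(buf, TRUE, conf.host_name);
 }
@@ -259,12 +266,15 @@
 }
 if (!psc->from_seen) {
 smtp_printf(out, "503 need MAIL FROM: before RCPT TO:\r\n");
 break;
 }
+if (!get_address(buffer, buf)) {
+smtp_printf(out, "553 Address too long.\r\n");
+break;
+}
 
-get_address(buffer, buf);
 if (remote_host) {
 addr = create_address(buf, TRUE);
 } else {
 addr = create_address_qualified(buf, TRUE, conf.host_name);
 }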
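Review bot: The rewritten copy loop in get_address() (new line 101) still passes a plain `gchar` to `isspace()`, and these bytes come straight from the SMTP client; where `gchar` is signed, a byte above 0x7f becomes a negative argument, which is undefined behaviour for the <ctype.h> functions. Both loops should cast, e.g. `while (*p && !isspace((unsigned char)*p)) {`. The new bound `q >= addr + MAX_ADDRESS-1` only protects the destination if every caller's buffer holds at least MAX_ADDRESS bytes; the declaration of `buf` is outside the visible hunks, so I would state that requirement in the function comment, e.g. `addr must point to at least MAX_ADDRESS bytes`. Part of get_address() (old lines 86–94) is not shown on this page, so the initialisation of `q` could not be checked.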