masqmail-0.2

changeset 136:6b78aaced5e1

check max length of addresses in SMTP dialog (based on Paolo's patch) get_address() does now return false if the address was too long
author meillo@marmaro.de
date Tue, 06 Jul 2010 14:28:08 +0200
parents b072426cc6bb
children 13bad7a80de4
files src/smtp_in.c
diffstat 1 files changed, 15 insertions(+), 5 deletions(-) [+]
line diff
     1.1 --- a/src/smtp_in.c	Tue Jul 06 13:46:51 2010 +0200
     1.2 +++ b/src/smtp_in.c	Tue Jul 06 14:28:08 2010 +0200
     1.3 @@ -78,6 +78,7 @@
     1.4  /* this is a quick hack: we expect the address to be syntactically correct
     1.5     and containing the mailbox only, though we first check for size in
     1.6     smtp_in().
     1.7 +   Return false if address is too long.
     1.8  */
     1.9  static gboolean
    1.10  get_address(gchar * line, gchar * addr)
    1.11 @@ -97,10 +98,14 @@
    1.12  	}
    1.13  
    1.14  	/* get address: */
    1.15 -	while (*p && !isspace(*p) && (q < addr + MAX_ADDRESS - 1)) {
    1.16 +	while (*p && !isspace(*p)) {
    1.17 +		if (q >= addr + MAX_ADDRESS-1) {
    1.18 +			*q = '\0';
    1.19 +			return FALSE;
    1.20 +		}
    1.21  		*(q++) = *(p++);
    1.22  	}
    1.23 -	*q = 0;
    1.24 +	*q = '\0';
    1.25  
    1.26  	return TRUE;
    1.27  }
    1.28 @@ -213,7 +218,6 @@
    1.29  					smtp_printf(out, "503 MAIL FROM: already given.\r\n");
    1.30  					break;
    1.31  				}
    1.32 -
    1.33  				if (get_size(buffer, &msize)) {
    1.34  					DEBUG(5) debugf("smtp_in(): get_size: msize=%ld, conf.mms=%d\n",
    1.35  							msize, conf.max_msg_size);
    1.36 @@ -222,6 +226,10 @@
    1.37  						break;
    1.38  					}
    1.39  				}
    1.40 +				if (!get_address(buffer, buf)) {
    1.41 +					smtp_printf(out, "553 Address too long.\r\n");
    1.42 +					break;
    1.43 +				}
    1.44  
    1.45  				msg = create_message();
    1.46  				msg->received_host = remote_host ? g_strdup(remote_host) : NULL;
    1.47 @@ -230,7 +238,6 @@
    1.48  				/* get transfer id and increment for next one */
    1.49  				msg->transfer_id = (psc->next_id)++;
    1.50  	
    1.51 -				get_address(buffer, buf);
    1.52  				if (remote_host) {
    1.53  					addr = create_address(buf, TRUE);
    1.54  				} else {
    1.55 @@ -261,8 +268,11 @@
    1.56  					smtp_printf(out, "503 need MAIL FROM: before RCPT TO:\r\n");
    1.57  					break;
    1.58  				}
    1.59 +				if (!get_address(buffer, buf)) {
    1.60 +					smtp_printf(out, "553 Address too long.\r\n");
    1.61 +					break;
    1.62 +				}
    1.63  	
    1.64 -				get_address(buffer, buf);
    1.65  				if (remote_host) {
    1.66  					addr = create_address(buf, TRUE);
    1.67  				} else {