masqmail
changeset 136:6b78aaced5e1
check max length of addresses in SMTP dialog
(based on Paolo's patch)
get_address() does now return false if the address was too long
author | meillo@marmaro.de |
---|---|
date | Tue, 06 Jul 2010 14:28:08 +0200 (2010-07-06) |
parents | b072426cc6bb |
children | 13bad7a80de4 |
files | src/smtp_in.c |
diffstat | 1 files changed, 15 insertions(+), 5 deletions(-) [+] |
line diff
1.1 --- a/src/smtp_in.c Tue Jul 06 13:46:51 2010 +0200 1.2 +++ b/src/smtp_in.c Tue Jul 06 14:28:08 2010 +0200 1.3 @@ -78,6 +78,7 @@ 1.4 /* this is a quick hack: we expect the address to be syntactically correct 1.5 and containing the mailbox only, though we first check for size in 1.6 smtp_in(). 1.7 + Return false if address is too long. 1.8 */ 1.9 static gboolean 1.10 get_address(gchar * line, gchar * addr) 1.11 @@ -97,10 +98,14 @@ 1.12 } 1.13 1.14 /* get address: */ 1.15 - while (*p && !isspace(*p) && (q < addr + MAX_ADDRESS - 1)) { 1.16 + while (*p && !isspace(*p)) { 1.17 + if (q >= addr + MAX_ADDRESS-1) { 1.18 + *q = '\0'; 1.19 + return FALSE; 1.20 + } 1.21 *(q++) = *(p++); 1.22 } 1.23 - *q = 0; 1.24 + *q = '\0'; 1.25 1.26 return TRUE; 1.27 } 1.28 @@ -213,7 +218,6 @@ 1.29 smtp_printf(out, "503 MAIL FROM: already given.\r\n"); 1.30 break; 1.31 } 1.32 - 1.33 if (get_size(buffer, &msize)) { 1.34 DEBUG(5) debugf("smtp_in(): get_size: msize=%ld, conf.mms=%d\n", 1.35 msize, conf.max_msg_size); 1.36 @@ -222,6 +226,10 @@ 1.37 break; 1.38 } 1.39 } 1.40 + if (!get_address(buffer, buf)) { 1.41 + smtp_printf(out, "553 Address too long.\r\n"); 1.42 + break; 1.43 + } 1.44 1.45 msg = create_message(); 1.46 msg->received_host = remote_host ? g_strdup(remote_host) : NULL; 1.47 @@ -230,7 +238,6 @@ 1.48 /* get transfer id and increment for next one */ 1.49 msg->transfer_id = (psc->next_id)++; 1.50 1.51 - get_address(buffer, buf); 1.52 if (remote_host) { 1.53 addr = create_address(buf, TRUE); 1.54 } else { 1.55 @@ -261,8 +268,11 @@ 1.56 smtp_printf(out, "503 need MAIL FROM: before RCPT TO:\r\n"); 1.57 break; 1.58 } 1.59 + if (!get_address(buffer, buf)) { 1.60 + smtp_printf(out, "553 Address too long.\r\n"); 1.61 + break; 1.62 + } 1.63 1.64 - get_address(buffer, buf); 1.65 if (remote_host) { 1.66 addr = create_address(buf, TRUE); 1.67 } else {