|
 |
b62b43 |
diff -up dovecot-2.3.8/src/doveadm/doveadm-mail-fetch.c.CVE_2020_12100 dovecot-2.3.8/src/doveadm/doveadm-mail-fetch.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/doveadm/doveadm-mail-fetch.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/doveadm/doveadm-mail-fetch.c 2020-08-07 12:29:39.975827486 +0200
|
|
|
b62b43 |
@@ -265,6 +265,9 @@ static int fetch_text(struct fetch_cmd_c
|
|
|
b62b43 |
|
|
|
b62b43 |
static int fetch_text_utf8(struct fetch_cmd_context *ctx)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .hdr_flags = MESSAGE_HEADER_PARSER_FLAG_CLEAN_ONELINE,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct istream *input;
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct message_decoder_context *decoder;
|
|
|
b62b43 |
@@ -275,9 +278,7 @@ static int fetch_text_utf8(struct fetch_
|
|
|
b62b43 |
if (mail_get_stream(ctx->mail, NULL, NULL, &input) < 0)
|
|
|
b62b43 |
return -1;
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool_datastack_create(), input,
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_CLEAN_ONELINE,
|
|
|
b62b43 |
- 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool_datastack_create(), input, &parser_set);
|
|
|
b62b43 |
decoder = message_decoder_init(NULL, 0);
|
|
|
b62b43 |
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &raw_block)) > 0) {
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-imap/test-imap-bodystructure.c.CVE_2020_12100 dovecot-2.3.8/src/lib-imap/test-imap-bodystructure.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-imap/test-imap-bodystructure.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-imap/test-imap-bodystructure.c 2020-08-07 12:29:39.975827486 +0200
|
|
|
b62b43 |
@@ -381,6 +381,11 @@ static const unsigned int normalize_test
|
|
|
b62b43 |
static struct message_part *
|
|
|
b62b43 |
msg_parse(pool_t pool, const char *message, bool parse_bodystructure)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .hdr_flags = MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP |
|
|
|
b62b43 |
+ MESSAGE_HEADER_PARSER_FLAG_DROP_CR,
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct istream *input;
|
|
|
b62b43 |
struct message_block block;
|
|
|
b62b43 |
@@ -388,10 +393,7 @@ msg_parse(pool_t pool, const char *messa
|
|
|
b62b43 |
int ret;
|
|
|
b62b43 |
|
|
|
b62b43 |
input = i_stream_create_from_data(message, strlen(message));
|
|
|
b62b43 |
- parser = message_parser_init(pool, input,
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP |
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_DROP_CR,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &parser_set);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) {
|
|
|
b62b43 |
if (parse_bodystructure) {
|
|
|
b62b43 |
message_part_data_parse_from_header(pool, block.part,
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-imap/test-imap-envelope.c.CVE_2020_12100 dovecot-2.3.8/src/lib-imap/test-imap-envelope.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-imap/test-imap-envelope.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-imap/test-imap-envelope.c 2020-08-07 12:29:39.975827486 +0200
|
|
|
b62b43 |
@@ -118,6 +118,11 @@ static const unsigned int parse_tests_co
|
|
|
b62b43 |
static struct message_part_envelope *
|
|
|
b62b43 |
msg_parse(pool_t pool, const char *message)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .hdr_flags = MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP |
|
|
|
b62b43 |
+ MESSAGE_HEADER_PARSER_FLAG_DROP_CR,
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct message_part_envelope *envlp = NULL;
|
|
|
b62b43 |
struct istream *input;
|
|
|
b62b43 |
@@ -126,10 +131,7 @@ msg_parse(pool_t pool, const char *messa
|
|
|
b62b43 |
int ret;
|
|
|
b62b43 |
|
|
|
b62b43 |
input = i_stream_create_from_data(message, strlen(message));
|
|
|
b62b43 |
- parser = message_parser_init(pool, input,
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP |
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_DROP_CR,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &parser_set);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) {
|
|
|
b62b43 |
i_assert(block.part->parent == NULL);
|
|
|
b62b43 |
message_part_envelope_parse_from_header(pool, &envlp, block.hdr);
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/istream-attachment-extractor.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/istream-attachment-extractor.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/istream-attachment-extractor.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/istream-attachment-extractor.c 2020-08-07 12:29:39.975827486 +0200
|
|
|
b62b43 |
@@ -696,6 +696,10 @@ i_stream_create_attachment_extractor(str
|
|
|
b62b43 |
struct istream_attachment_settings *set,
|
|
|
b62b43 |
void *context)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS |
|
|
|
b62b43 |
+ MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct attachment_istream *astream;
|
|
|
b62b43 |
|
|
|
b62b43 |
i_assert(set->min_size > 0);
|
|
|
b62b43 |
@@ -722,9 +726,7 @@ i_stream_create_attachment_extractor(str
|
|
|
b62b43 |
astream->istream.istream.seekable = FALSE;
|
|
|
b62b43 |
|
|
|
b62b43 |
astream->pool = pool_alloconly_create("istream attachment", 1024);
|
|
|
b62b43 |
- astream->parser = message_parser_init(astream->pool, input, 0,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS |
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES);
|
|
|
b62b43 |
+ astream->parser = message_parser_init(astream->pool, input, &parser_set);
|
|
|
b62b43 |
return i_stream_create(&astream->istream, input,
|
|
|
b62b43 |
i_stream_get_fd(input), 0);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/istream-binary-converter.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/istream-binary-converter.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/istream-binary-converter.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/istream-binary-converter.c 2020-08-07 12:29:39.975827486 +0200
|
|
|
b62b43 |
@@ -286,6 +286,10 @@ static void i_stream_binary_converter_cl
|
|
|
b62b43 |
|
|
|
b62b43 |
struct istream *i_stream_create_binary_converter(struct istream *input)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS |
|
|
|
b62b43 |
+ MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct binary_converter_istream *bstream;
|
|
|
b62b43 |
|
|
|
b62b43 |
bstream = i_new(struct binary_converter_istream, 1);
|
|
|
b62b43 |
@@ -299,9 +303,7 @@ struct istream *i_stream_create_binary_c
|
|
|
b62b43 |
bstream->istream.istream.seekable = FALSE;
|
|
|
b62b43 |
|
|
|
b62b43 |
bstream->pool = pool_alloconly_create("istream binary converter", 128);
|
|
|
b62b43 |
- bstream->parser = message_parser_init(bstream->pool, input, 0,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS |
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES);
|
|
|
b62b43 |
+ bstream->parser = message_parser_init(bstream->pool, input, &parser_set);
|
|
|
b62b43 |
return i_stream_create(&bstream->istream, input,
|
|
|
b62b43 |
i_stream_get_fd(input), 0);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/Makefile.am.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/Makefile.am
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/Makefile.am.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/Makefile.am 2020-08-07 12:29:39.972827528 +0200
|
|
|
b62b43 |
@@ -28,6 +28,7 @@ libmail_la_SOURCES = \
|
|
|
b62b43 |
message-header-parser.c \
|
|
|
b62b43 |
message-id.c \
|
|
|
b62b43 |
message-parser.c \
|
|
|
b62b43 |
+ message-parser-from-parts.c \
|
|
|
b62b43 |
message-part.c \
|
|
|
b62b43 |
message-part-data.c \
|
|
|
b62b43 |
message-part-serialize.c \
|
|
|
b62b43 |
@@ -42,7 +43,8 @@ libmail_la_SOURCES = \
|
|
|
b62b43 |
rfc822-parser.c
|
|
|
b62b43 |
|
|
|
b62b43 |
noinst_HEADERS = \
|
|
|
b62b43 |
- html-entities.h
|
|
|
b62b43 |
+ html-entities.h \
|
|
|
b62b43 |
+ message-parser-private.h
|
|
|
b62b43 |
|
|
|
b62b43 |
headers = \
|
|
|
b62b43 |
istream-attachment-connector.h \
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/message-parser.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/message-parser.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/message-parser.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/message-parser.c 2020-08-07 12:29:39.978827444 +0200
|
|
|
b62b43 |
@@ -1,54 +1,12 @@
|
|
|
b62b43 |
/* Copyright (c) 2002-2018 Dovecot authors, see the included COPYING file */
|
|
|
b62b43 |
|
|
|
b62b43 |
#include "lib.h"
|
|
|
b62b43 |
-#include "buffer.h"
|
|
|
b62b43 |
+#include "array.h"
|
|
|
b62b43 |
#include "str.h"
|
|
|
b62b43 |
#include "istream.h"
|
|
|
b62b43 |
#include "rfc822-parser.h"
|
|
|
b62b43 |
#include "rfc2231-parser.h"
|
|
|
b62b43 |
-#include "message-parser.h"
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-/* RFC-2046 requires boundaries are max. 70 chars + "--" prefix + "--" suffix.
|
|
|
b62b43 |
- We'll add a bit more just in case. */
|
|
|
b62b43 |
-#define BOUNDARY_END_MAX_LEN (70 + 2 + 2 + 10)
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-struct message_boundary {
|
|
|
b62b43 |
- struct message_boundary *next;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- struct message_part *part;
|
|
|
b62b43 |
- const char *boundary;
|
|
|
b62b43 |
- size_t len;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- bool epilogue_found:1;
|
|
|
b62b43 |
-};
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-struct message_parser_ctx {
|
|
|
b62b43 |
- pool_t parser_pool, part_pool;
|
|
|
b62b43 |
- struct istream *input;
|
|
|
b62b43 |
- struct message_part *parts, *part;
|
|
|
b62b43 |
- const char *broken_reason;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- enum message_header_parser_flags hdr_flags;
|
|
|
b62b43 |
- enum message_parser_flags flags;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- const char *last_boundary;
|
|
|
b62b43 |
- struct message_boundary *boundaries;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- size_t skip;
|
|
|
b62b43 |
- char last_chr;
|
|
|
b62b43 |
- unsigned int want_count;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- struct message_header_parser_ctx *hdr_parser_ctx;
|
|
|
b62b43 |
- unsigned int prev_hdr_newline_size;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- int (*parse_next_block)(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- bool part_seen_content_type:1;
|
|
|
b62b43 |
- bool multipart:1;
|
|
|
b62b43 |
- bool preparsed:1;
|
|
|
b62b43 |
- bool eof:1;
|
|
|
b62b43 |
-};
|
|
|
b62b43 |
+#include "message-parser-private.h"
|
|
|
b62b43 |
|
|
|
b62b43 |
message_part_header_callback_t *null_message_part_header_callback = NULL;
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -58,14 +16,10 @@ static int parse_next_body_to_boundary(s
|
|
|
b62b43 |
struct message_block *block_r);
|
|
|
b62b43 |
static int parse_next_body_to_eof(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
struct message_block *block_r);
|
|
|
b62b43 |
-static int preparsed_parse_epilogue_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r);
|
|
|
b62b43 |
-static int preparsed_parse_next_header_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r);
|
|
|
b62b43 |
|
|
|
b62b43 |
static struct message_boundary *
|
|
|
b62b43 |
boundary_find(struct message_boundary *boundaries,
|
|
|
b62b43 |
- const unsigned char *data, size_t len)
|
|
|
b62b43 |
+ const unsigned char *data, size_t len, bool trailing_dashes)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
struct message_boundary *best = NULL;
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -77,8 +31,18 @@ boundary_find(struct message_boundary *b
|
|
|
b62b43 |
while (boundaries != NULL) {
|
|
|
b62b43 |
if (boundaries->len <= len &&
|
|
|
b62b43 |
memcmp(boundaries->boundary, data, boundaries->len) == 0 &&
|
|
|
b62b43 |
- (best == NULL || best->len < boundaries->len))
|
|
|
b62b43 |
+ (best == NULL || best->len < boundaries->len)) {
|
|
|
b62b43 |
best = boundaries;
|
|
|
b62b43 |
+ /* If we see "foo--", it could either mean that there
|
|
|
b62b43 |
+ is a boundary named "foo" that ends now or there's
|
|
|
b62b43 |
+ a boundary "foo--" which continues. */
|
|
|
b62b43 |
+ if (best->len == len ||
|
|
|
b62b43 |
+ (best->len == len-2 && trailing_dashes)) {
|
|
|
b62b43 |
+ /* This is exactly the wanted boundary. There
|
|
|
b62b43 |
+ can't be a better one. */
|
|
|
b62b43 |
+ break;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
|
|
|
b62b43 |
boundaries = boundaries->next;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
@@ -122,8 +86,8 @@ static void parse_body_add_block(struct
|
|
|
b62b43 |
ctx->part->body_size.virtual_size += block->size + missing_cr_count;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
-static int message_parser_read_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r, bool *full_r)
|
|
|
b62b43 |
+int message_parser_read_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r, bool *full_r)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
int ret;
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -168,19 +132,18 @@ static int message_parser_read_more(stru
|
|
|
b62b43 |
return 1;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
-static struct message_part *
|
|
|
b62b43 |
-message_part_append(pool_t pool, struct message_part *parent)
|
|
|
b62b43 |
+static void
|
|
|
b62b43 |
+message_part_append(struct message_parser_ctx *ctx)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
- struct message_part *p, *part, **list;
|
|
|
b62b43 |
+ struct message_part *parent = ctx->part;
|
|
|
b62b43 |
+ struct message_part *part;
|
|
|
b62b43 |
|
|
|
b62b43 |
i_assert(parent != NULL);
|
|
|
b62b43 |
i_assert((parent->flags & (MESSAGE_PART_FLAG_MULTIPART |
|
|
|
b62b43 |
MESSAGE_PART_FLAG_MESSAGE_RFC822)) != 0);
|
|
|
b62b43 |
|
|
|
b62b43 |
- part = p_new(pool, struct message_part, 1);
|
|
|
b62b43 |
+ part = p_new(ctx->part_pool, struct message_part, 1);
|
|
|
b62b43 |
part->parent = parent;
|
|
|
b62b43 |
- for (p = parent; p != NULL; p = p->parent)
|
|
|
b62b43 |
- p->children_count++;
|
|
|
b62b43 |
|
|
|
b62b43 |
/* set child position */
|
|
|
b62b43 |
part->physical_pos =
|
|
|
b62b43 |
@@ -188,33 +151,78 @@ message_part_append(pool_t pool, struct
|
|
|
b62b43 |
parent->body_size.physical_size +
|
|
|
b62b43 |
parent->header_size.physical_size;
|
|
|
b62b43 |
|
|
|
b62b43 |
- list = &part->parent->children;
|
|
|
b62b43 |
- while (*list != NULL)
|
|
|
b62b43 |
- list = &(*list)->next;
|
|
|
b62b43 |
+ /* add to parent's linked list */
|
|
|
b62b43 |
+ *ctx->next_part = part;
|
|
|
b62b43 |
+ /* update the parent's end-of-linked-list pointer */
|
|
|
b62b43 |
+ struct message_part **next_part = &part->next;
|
|
|
b62b43 |
+ array_push_back(&ctx->next_part_stack, &next_part);
|
|
|
b62b43 |
+ /* This part is now the new parent for the next message_part_append()
|
|
|
b62b43 |
+ call. Its linked list begins with the children pointer. */
|
|
|
b62b43 |
+ ctx->next_part = &part->children;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->part = part;
|
|
|
b62b43 |
+ ctx->nested_parts_count++;
|
|
|
b62b43 |
+ ctx->total_parts_count++;
|
|
|
b62b43 |
+ i_assert(ctx->nested_parts_count < ctx->max_nested_mime_parts);
|
|
|
b62b43 |
+ i_assert(ctx->total_parts_count <= ctx->max_total_mime_parts);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void message_part_finish(struct message_parser_ctx *ctx)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ struct message_part **const *parent_next_partp;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_assert(ctx->nested_parts_count > 0);
|
|
|
b62b43 |
+ ctx->nested_parts_count--;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parent_next_partp = array_back(&ctx->next_part_stack);
|
|
|
b62b43 |
+ array_pop_back(&ctx->next_part_stack);
|
|
|
b62b43 |
+ ctx->next_part = *parent_next_partp;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size);
|
|
|
b62b43 |
+ message_size_add(&ctx->part->parent->body_size, &ctx->part->header_size);
|
|
|
b62b43 |
+ ctx->part->parent->children_count += 1 + ctx->part->children_count;
|
|
|
b62b43 |
+ ctx->part = ctx->part->parent;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void message_boundary_free(struct message_boundary *b)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ i_free(b->boundary);
|
|
|
b62b43 |
+ i_free(b);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void
|
|
|
b62b43 |
+boundary_remove_until(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_boundary *boundary)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ while (ctx->boundaries != boundary) {
|
|
|
b62b43 |
+ struct message_boundary *cur = ctx->boundaries;
|
|
|
b62b43 |
|
|
|
b62b43 |
- *list = part;
|
|
|
b62b43 |
- return part;
|
|
|
b62b43 |
+ i_assert(cur != NULL);
|
|
|
b62b43 |
+ ctx->boundaries = cur->next;
|
|
|
b62b43 |
+ message_boundary_free(cur);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ ctx->boundaries = boundary;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
static void parse_next_body_multipart_init(struct message_parser_ctx *ctx)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
struct message_boundary *b;
|
|
|
b62b43 |
|
|
|
b62b43 |
- b = p_new(ctx->parser_pool, struct message_boundary, 1);
|
|
|
b62b43 |
+ b = i_new(struct message_boundary, 1);
|
|
|
b62b43 |
b->part = ctx->part;
|
|
|
b62b43 |
b->boundary = ctx->last_boundary;
|
|
|
b62b43 |
+ ctx->last_boundary = NULL;
|
|
|
b62b43 |
b->len = strlen(b->boundary);
|
|
|
b62b43 |
|
|
|
b62b43 |
b->next = ctx->boundaries;
|
|
|
b62b43 |
ctx->boundaries = b;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->last_boundary = NULL;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
static int parse_next_body_message_rfc822_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
struct message_block *block_r)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
- ctx->part = message_part_append(ctx->part_pool, ctx->part);
|
|
|
b62b43 |
+ message_part_append(ctx);
|
|
|
b62b43 |
return parse_next_header_init(ctx, block_r);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -239,19 +247,38 @@ boundary_line_find(struct message_parser
|
|
|
b62b43 |
return -1;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
+ if (ctx->total_parts_count >= ctx->max_total_mime_parts) {
|
|
|
b62b43 |
+ /* can't add any more MIME parts. just stop trying to find
|
|
|
b62b43 |
+ more boundaries. */
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
/* need to find the end of line */
|
|
|
b62b43 |
- if (memchr(data + 2, '\n', size - 2) == NULL &&
|
|
|
b62b43 |
- size < BOUNDARY_END_MAX_LEN &&
|
|
|
b62b43 |
+ data += 2;
|
|
|
b62b43 |
+ size -= 2;
|
|
|
b62b43 |
+ const unsigned char *lf_pos = memchr(data, '\n', size);
|
|
|
b62b43 |
+ if (lf_pos == NULL &&
|
|
|
b62b43 |
+ size+2 < BOUNDARY_END_MAX_LEN &&
|
|
|
b62b43 |
!ctx->input->eof && !full) {
|
|
|
b62b43 |
/* no LF found */
|
|
|
b62b43 |
ctx->want_count = BOUNDARY_END_MAX_LEN;
|
|
|
b62b43 |
return 0;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
+ size_t find_size = size;
|
|
|
b62b43 |
+ bool trailing_dashes = FALSE;
|
|
|
b62b43 |
|
|
|
b62b43 |
- data += 2;
|
|
|
b62b43 |
- size -= 2;
|
|
|
b62b43 |
+ if (lf_pos != NULL) {
|
|
|
b62b43 |
+ find_size = lf_pos - data;
|
|
|
b62b43 |
+ if (find_size > 0 && data[find_size-1] == '\r')
|
|
|
b62b43 |
+ find_size--;
|
|
|
b62b43 |
+ if (find_size > 2 && data[find_size-1] == '-' &&
|
|
|
b62b43 |
+ data[find_size-2] == '-')
|
|
|
b62b43 |
+ trailing_dashes = TRUE;
|
|
|
b62b43 |
+ } else if (find_size > BOUNDARY_END_MAX_LEN)
|
|
|
b62b43 |
+ find_size = BOUNDARY_END_MAX_LEN;
|
|
|
b62b43 |
|
|
|
b62b43 |
- *boundary_r = boundary_find(ctx->boundaries, data, size);
|
|
|
b62b43 |
+ *boundary_r = boundary_find(ctx->boundaries, data, find_size,
|
|
|
b62b43 |
+ trailing_dashes);
|
|
|
b62b43 |
if (*boundary_r == NULL)
|
|
|
b62b43 |
return -1;
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -264,7 +291,7 @@ boundary_line_find(struct message_parser
|
|
|
b62b43 |
static int parse_next_mime_header_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
struct message_block *block_r)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
- ctx->part = message_part_append(ctx->part_pool, ctx->part);
|
|
|
b62b43 |
+ message_part_append(ctx);
|
|
|
b62b43 |
ctx->part->flags |= MESSAGE_PART_FLAG_IS_MIME;
|
|
|
b62b43 |
|
|
|
b62b43 |
return parse_next_header_init(ctx, block_r);
|
|
|
b62b43 |
@@ -313,26 +340,25 @@ static int parse_part_finish(struct mess
|
|
|
b62b43 |
struct message_boundary *boundary,
|
|
|
b62b43 |
struct message_block *block_r, bool first_line)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
- struct message_part *part;
|
|
|
b62b43 |
size_t line_size;
|
|
|
b62b43 |
+ size_t boundary_len = boundary->len;
|
|
|
b62b43 |
+ bool boundary_epilogue_found = boundary->epilogue_found;
|
|
|
b62b43 |
|
|
|
b62b43 |
i_assert(ctx->last_boundary == NULL);
|
|
|
b62b43 |
|
|
|
b62b43 |
/* get back to parent MIME part, summing the child MIME part sizes
|
|
|
b62b43 |
into parent's body sizes */
|
|
|
b62b43 |
- for (part = ctx->part; part != boundary->part; part = part->parent) {
|
|
|
b62b43 |
- message_size_add(&part->parent->body_size, &part->body_size);
|
|
|
b62b43 |
- message_size_add(&part->parent->body_size, &part->header_size);
|
|
|
b62b43 |
+ while (ctx->part != boundary->part) {
|
|
|
b62b43 |
+ message_part_finish(ctx);
|
|
|
b62b43 |
+ i_assert(ctx->part != NULL);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
- i_assert(part != NULL);
|
|
|
b62b43 |
- ctx->part = part;
|
|
|
b62b43 |
|
|
|
b62b43 |
if (boundary->epilogue_found) {
|
|
|
b62b43 |
/* this boundary isn't needed anymore */
|
|
|
b62b43 |
- ctx->boundaries = boundary->next;
|
|
|
b62b43 |
+ boundary_remove_until(ctx, boundary->next);
|
|
|
b62b43 |
} else {
|
|
|
b62b43 |
/* forget about the boundaries we possibly skipped */
|
|
|
b62b43 |
- ctx->boundaries = boundary;
|
|
|
b62b43 |
+ boundary_remove_until(ctx, boundary);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
/* the boundary itself should already be in buffer. add that. */
|
|
|
b62b43 |
@@ -349,7 +375,7 @@ static int parse_part_finish(struct mess
|
|
|
b62b43 |
i_assert(block_r->data[0] == '\n');
|
|
|
b62b43 |
line_size = 1;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
- line_size += 2 + boundary->len + (boundary->epilogue_found ? 2 : 0);
|
|
|
b62b43 |
+ line_size += 2 + boundary_len + (boundary_epilogue_found ? 2 : 0);
|
|
|
b62b43 |
i_assert(block_r->size >= ctx->skip + line_size);
|
|
|
b62b43 |
block_r->size = line_size;
|
|
|
b62b43 |
parse_body_add_block(ctx, block_r);
|
|
|
b62b43 |
@@ -510,8 +536,10 @@ static void parse_content_type(struct me
|
|
|
b62b43 |
rfc2231_parse(&parser, &results);
|
|
|
b62b43 |
for (; *results != NULL; results += 2) {
|
|
|
b62b43 |
if (strcasecmp(results[0], "boundary") == 0) {
|
|
|
b62b43 |
+ /* truncate excessively long boundaries */
|
|
|
b62b43 |
+ i_free(ctx->last_boundary);
|
|
|
b62b43 |
ctx->last_boundary =
|
|
|
b62b43 |
- p_strdup(ctx->parser_pool, results[1]);
|
|
|
b62b43 |
+ i_strndup(results[1], BOUNDARY_STRING_MAX_LEN);
|
|
|
b62b43 |
break;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
}
|
|
|
b62b43 |
@@ -533,6 +561,11 @@ static bool block_is_at_eoh(const struct
|
|
|
b62b43 |
return FALSE;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
+static bool parse_too_many_nested_mime_parts(struct message_parser_ctx *ctx)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ return ctx->nested_parts_count+1 >= ctx->max_nested_mime_parts;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
#define MUTEX_FLAGS \
|
|
|
b62b43 |
(MESSAGE_PART_FLAG_MESSAGE_RFC822 | MESSAGE_PART_FLAG_MULTIPART)
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -557,8 +590,12 @@ static int parse_next_header(struct mess
|
|
|
b62b43 |
"\n--boundary" belongs to us or to a previous boundary.
|
|
|
b62b43 |
this is a problem if the boundary prefixes are identical,
|
|
|
b62b43 |
because MIME requires only the prefix to match. */
|
|
|
b62b43 |
- parse_next_body_multipart_init(ctx);
|
|
|
b62b43 |
- ctx->multipart = TRUE;
|
|
|
b62b43 |
+ if (!parse_too_many_nested_mime_parts(ctx)) {
|
|
|
b62b43 |
+ parse_next_body_multipart_init(ctx);
|
|
|
b62b43 |
+ ctx->multipart = TRUE;
|
|
|
b62b43 |
+ } else {
|
|
|
b62b43 |
+ part->flags &= ~MESSAGE_PART_FLAG_MULTIPART;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
/* before parsing the header see if we can find a --boundary from here.
|
|
|
b62b43 |
@@ -634,7 +671,7 @@ static int parse_next_header(struct mess
|
|
|
b62b43 |
i_assert(!ctx->multipart);
|
|
|
b62b43 |
part->flags = 0;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
- ctx->last_boundary = NULL;
|
|
|
b62b43 |
+ i_free(ctx->last_boundary);
|
|
|
b62b43 |
|
|
|
b62b43 |
if (!ctx->part_seen_content_type ||
|
|
|
b62b43 |
(part->flags & MESSAGE_PART_FLAG_IS_MIME) == 0) {
|
|
|
b62b43 |
@@ -662,12 +699,16 @@ static int parse_next_header(struct mess
|
|
|
b62b43 |
i_assert(ctx->last_boundary == NULL);
|
|
|
b62b43 |
ctx->multipart = FALSE;
|
|
|
b62b43 |
ctx->parse_next_block = parse_next_body_to_boundary;
|
|
|
b62b43 |
- } else if ((part->flags & MESSAGE_PART_FLAG_MESSAGE_RFC822) != 0)
|
|
|
b62b43 |
+ } else if ((part->flags & MESSAGE_PART_FLAG_MESSAGE_RFC822) != 0 &&
|
|
|
b62b43 |
+ !parse_too_many_nested_mime_parts(ctx)) {
|
|
|
b62b43 |
ctx->parse_next_block = parse_next_body_message_rfc822_init;
|
|
|
b62b43 |
- else if (ctx->boundaries != NULL)
|
|
|
b62b43 |
- ctx->parse_next_block = parse_next_body_to_boundary;
|
|
|
b62b43 |
- else
|
|
|
b62b43 |
- ctx->parse_next_block = parse_next_body_to_eof;
|
|
|
b62b43 |
+ } else {
|
|
|
b62b43 |
+ part->flags &= ~MESSAGE_PART_FLAG_MESSAGE_RFC822;
|
|
|
b62b43 |
+ if (ctx->boundaries != NULL)
|
|
|
b62b43 |
+ ctx->parse_next_block = parse_next_body_to_boundary;
|
|
|
b62b43 |
+ else
|
|
|
b62b43 |
+ ctx->parse_next_block = parse_next_body_to_eof;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
|
|
|
b62b43 |
ctx->want_count = 1;
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -692,358 +733,21 @@ static int parse_next_header_init(struct
|
|
|
b62b43 |
return parse_next_header(ctx, block_r);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
-static int preparsed_parse_eof(struct message_parser_ctx *ctx ATTR_UNUSED,
|
|
|
b62b43 |
- struct message_block *block_r ATTR_UNUSED)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static void preparsed_skip_to_next(struct message_parser_ctx *ctx)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
- while (ctx->part != NULL) {
|
|
|
b62b43 |
- if (ctx->part->next != NULL) {
|
|
|
b62b43 |
- ctx->part = ctx->part->next;
|
|
|
b62b43 |
- break;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* parse epilogue of multipart parent if requested */
|
|
|
b62b43 |
- if (ctx->part->parent != NULL &&
|
|
|
b62b43 |
- (ctx->part->parent->flags & MESSAGE_PART_FLAG_MULTIPART) != 0 &&
|
|
|
b62b43 |
- (ctx->flags & MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS) != 0) {
|
|
|
b62b43 |
- /* check for presence of epilogue */
|
|
|
b62b43 |
- uoff_t part_end = ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size +
|
|
|
b62b43 |
- ctx->part->body_size.physical_size;
|
|
|
b62b43 |
- uoff_t parent_end = ctx->part->parent->physical_pos +
|
|
|
b62b43 |
- ctx->part->parent->header_size.physical_size +
|
|
|
b62b43 |
- ctx->part->parent->body_size.physical_size;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (parent_end > part_end) {
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_epilogue_init;
|
|
|
b62b43 |
- break;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- ctx->part = ctx->part->parent;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- if (ctx->part == NULL)
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_eof;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_body_finish(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- i_stream_skip(ctx->input, ctx->skip);
|
|
|
b62b43 |
- ctx->skip = 0;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- preparsed_skip_to_next(ctx);
|
|
|
b62b43 |
- return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_prologue_finish(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- i_stream_skip(ctx->input, ctx->skip);
|
|
|
b62b43 |
- ctx->skip = 0;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
- ctx->part = ctx->part->children;
|
|
|
b62b43 |
- return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_body_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- uoff_t end_offset = ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size +
|
|
|
b62b43 |
- ctx->part->body_size.physical_size;
|
|
|
b62b43 |
- bool full;
|
|
|
b62b43 |
- int ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
- return ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (ctx->input->v_offset + block_r->size >= end_offset) {
|
|
|
b62b43 |
- block_r->size = end_offset - ctx->input->v_offset;
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_body_finish;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- ctx->skip = block_r->size;
|
|
|
b62b43 |
- return 1;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_prologue_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- uoff_t boundary_min_start, end_offset;
|
|
|
b62b43 |
- const unsigned char *cur;
|
|
|
b62b43 |
- bool full;
|
|
|
b62b43 |
- int ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- i_assert(ctx->part->children != NULL);
|
|
|
b62b43 |
- end_offset = ctx->part->children->physical_pos;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
- return ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (ctx->input->v_offset + block_r->size >= end_offset) {
|
|
|
b62b43 |
- /* we've got the full prologue: clip off the initial boundary */
|
|
|
b62b43 |
- block_r->size = end_offset - ctx->input->v_offset;
|
|
|
b62b43 |
- cur = block_r->data + block_r->size - 1;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* [\r]\n--boundary[\r]\n */
|
|
|
b62b43 |
- if (block_r->size < 5 || *cur != '\n') {
|
|
|
b62b43 |
- ctx->broken_reason = "Prologue boundary end not at expected position";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- cur--;
|
|
|
b62b43 |
- if (*cur == '\r') cur--;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* find newline just before boundary */
|
|
|
b62b43 |
- for (; cur >= block_r->data; cur--) {
|
|
|
b62b43 |
- if (*cur == '\n') break;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (cur[0] != '\n' || cur[1] != '-' || cur[2] != '-') {
|
|
|
b62b43 |
- ctx->broken_reason = "Prologue boundary beginning not at expected position";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (cur != block_r->data && cur[-1] == '\r') cur--;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* clip boundary */
|
|
|
b62b43 |
- block_r->size = cur - block_r->data;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_prologue_finish;
|
|
|
b62b43 |
- ctx->skip = block_r->size;
|
|
|
b62b43 |
- return 1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* retain enough data in the stream buffer to contain initial boundary */
|
|
|
b62b43 |
- if (end_offset > BOUNDARY_END_MAX_LEN)
|
|
|
b62b43 |
- boundary_min_start = end_offset - BOUNDARY_END_MAX_LEN;
|
|
|
b62b43 |
- else
|
|
|
b62b43 |
- boundary_min_start = 0;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (ctx->input->v_offset + block_r->size >= boundary_min_start) {
|
|
|
b62b43 |
- if (boundary_min_start <= ctx->input->v_offset)
|
|
|
b62b43 |
- return 0;
|
|
|
b62b43 |
- block_r->size = boundary_min_start - ctx->input->v_offset;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- ctx->skip = block_r->size;
|
|
|
b62b43 |
- return 1;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_epilogue_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- uoff_t end_offset = ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size +
|
|
|
b62b43 |
- ctx->part->body_size.physical_size;
|
|
|
b62b43 |
- bool full;
|
|
|
b62b43 |
- int ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
- return ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (ctx->input->v_offset + block_r->size >= end_offset) {
|
|
|
b62b43 |
- block_r->size = end_offset - ctx->input->v_offset;
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_body_finish;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- ctx->skip = block_r->size;
|
|
|
b62b43 |
- return 1;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_epilogue_boundary(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- uoff_t end_offset = ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size +
|
|
|
b62b43 |
- ctx->part->body_size.physical_size;
|
|
|
b62b43 |
- const unsigned char *data, *cur;
|
|
|
b62b43 |
- size_t size;
|
|
|
b62b43 |
- bool full;
|
|
|
b62b43 |
- int ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (end_offset - ctx->input->v_offset < 7) {
|
|
|
b62b43 |
- ctx->broken_reason = "Epilogue position is wrong";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
- return ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* [\r]\n--boundary--[\r]\n */
|
|
|
b62b43 |
- if (block_r->size < 7) {
|
|
|
b62b43 |
- ctx->want_count = 7;
|
|
|
b62b43 |
- return 0;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- data = block_r->data;
|
|
|
b62b43 |
- size = block_r->size;
|
|
|
b62b43 |
- cur = data;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (*cur == '\r') cur++;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (cur[0] != '\n' || cur[1] != '-' || data[2] != '-') {
|
|
|
b62b43 |
- ctx->broken_reason = "Epilogue boundary start not at expected position";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* find the end of the line */
|
|
|
b62b43 |
- cur += 3;
|
|
|
b62b43 |
- if ((cur = memchr(cur, '\n', size - (cur-data))) == NULL) {
|
|
|
b62b43 |
- if (end_offset < ctx->input->v_offset + size) {
|
|
|
b62b43 |
- ctx->broken_reason = "Epilogue boundary end not at expected position";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- } else if (ctx->input->v_offset + size < end_offset &&
|
|
|
b62b43 |
- size < BOUNDARY_END_MAX_LEN &&
|
|
|
b62b43 |
- !ctx->input->eof && !full) {
|
|
|
b62b43 |
- ctx->want_count = BOUNDARY_END_MAX_LEN;
|
|
|
b62b43 |
- return 0;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- block_r->size = 0;
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_epilogue_more;
|
|
|
b62b43 |
- ctx->skip = cur - data + 1;
|
|
|
b62b43 |
- return 0;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_body_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- uoff_t offset = ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (offset < ctx->input->v_offset) {
|
|
|
b62b43 |
- /* header was actually larger than the cached size suggested */
|
|
|
b62b43 |
- ctx->broken_reason = "Header larger than its cached size";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- i_stream_skip(ctx->input, offset - ctx->input->v_offset);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* multipart messages may begin with --boundary--, which makes them
|
|
|
b62b43 |
- not have any children. */
|
|
|
b62b43 |
- if ((ctx->part->flags & MESSAGE_PART_FLAG_MULTIPART) == 0 ||
|
|
|
b62b43 |
- ctx->part->children == NULL)
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_body_more;
|
|
|
b62b43 |
- else
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_prologue_more;
|
|
|
b62b43 |
- return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_epilogue_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- uoff_t offset = ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size +
|
|
|
b62b43 |
- ctx->part->body_size.physical_size;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->part = ctx->part->parent;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (offset < ctx->input->v_offset) {
|
|
|
b62b43 |
- /* last child was actually larger than the cached size
|
|
|
b62b43 |
- suggested */
|
|
|
b62b43 |
- ctx->broken_reason = "Part larger than its cached size";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- i_stream_skip(ctx->input, offset - ctx->input->v_offset);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_epilogue_boundary;
|
|
|
b62b43 |
- return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_finish_header(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- if (ctx->part->children != NULL) {
|
|
|
b62b43 |
- if ((ctx->part->flags & MESSAGE_PART_FLAG_MULTIPART) != 0 &&
|
|
|
b62b43 |
- (ctx->flags & MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS) != 0)
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_body_init;
|
|
|
b62b43 |
- else {
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
- ctx->part = ctx->part->children;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- } else if ((ctx->flags & MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK) == 0) {
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_body_init;
|
|
|
b62b43 |
- } else {
|
|
|
b62b43 |
- preparsed_skip_to_next(ctx);
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_next_header(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- struct message_header_line *hdr;
|
|
|
b62b43 |
- int ret;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ret = message_parse_header_next(ctx->hdr_parser_ctx, &hdr);
|
|
|
b62b43 |
- if (ret == 0 || (ret < 0 && ctx->input->stream_errno != 0)) {
|
|
|
b62b43 |
- ctx->want_count = i_stream_get_data_size(ctx->input) + 1;
|
|
|
b62b43 |
- return ret;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- if (hdr != NULL) {
|
|
|
b62b43 |
- block_r->hdr = hdr;
|
|
|
b62b43 |
- block_r->size = 0;
|
|
|
b62b43 |
- return 1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- message_parse_header_deinit(&ctx->hdr_parser_ctx);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_finish_header;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* return empty block as end of headers */
|
|
|
b62b43 |
- block_r->hdr = NULL;
|
|
|
b62b43 |
- block_r->size = 0;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- i_assert(ctx->skip == 0);
|
|
|
b62b43 |
- if (ctx->input->v_offset != ctx->part->physical_pos +
|
|
|
b62b43 |
- ctx->part->header_size.physical_size) {
|
|
|
b62b43 |
- ctx->broken_reason = "Cached header size mismatch";
|
|
|
b62b43 |
- return -1;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
- return 1;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static int preparsed_parse_next_header_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
- struct message_block *block_r)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- struct istream *hdr_input;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- i_assert(ctx->hdr_parser_ctx == NULL);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- i_assert(ctx->part->physical_pos >= ctx->input->v_offset);
|
|
|
b62b43 |
- i_stream_skip(ctx->input, ctx->part->physical_pos -
|
|
|
b62b43 |
- ctx->input->v_offset);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- /* the header may become truncated by --boundaries. limit the header
|
|
|
b62b43 |
- stream's size to what it's supposed to be to avoid duplicating (and
|
|
|
b62b43 |
- keeping in sync!) all the same complicated logic as in
|
|
|
b62b43 |
- parse_next_header(). */
|
|
|
b62b43 |
- hdr_input = i_stream_create_limit(ctx->input, ctx->part->header_size.physical_size);
|
|
|
b62b43 |
- ctx->hdr_parser_ctx =
|
|
|
b62b43 |
- message_parse_header_init(hdr_input, NULL, ctx->hdr_flags);
|
|
|
b62b43 |
- i_stream_unref(&hdr_input);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_next_header;
|
|
|
b62b43 |
- return preparsed_parse_next_header(ctx, block_r);
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-static struct message_parser_ctx *
|
|
|
b62b43 |
+struct message_parser_ctx *
|
|
|
b62b43 |
message_parser_init_int(struct istream *input,
|
|
|
b62b43 |
- enum message_header_parser_flags hdr_flags,
|
|
|
b62b43 |
- enum message_parser_flags flags)
|
|
|
b62b43 |
+ const struct message_parser_settings *set)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
struct message_parser_ctx *ctx;
|
|
|
b62b43 |
- pool_t pool;
|
|
|
b62b43 |
|
|
|
b62b43 |
- pool = pool_alloconly_create("Message Parser", 1024);
|
|
|
b62b43 |
- ctx = p_new(pool, struct message_parser_ctx, 1);
|
|
|
b62b43 |
- ctx->parser_pool = pool;
|
|
|
b62b43 |
- ctx->hdr_flags = hdr_flags;
|
|
|
b62b43 |
- ctx->flags = flags;
|
|
|
b62b43 |
+ ctx = i_new(struct message_parser_ctx, 1);
|
|
|
b62b43 |
+ ctx->hdr_flags = set->hdr_flags;
|
|
|
b62b43 |
+ ctx->flags = set->flags;
|
|
|
b62b43 |
+ ctx->max_nested_mime_parts = set->max_nested_mime_parts != 0 ?
|
|
|
b62b43 |
+ set->max_nested_mime_parts :
|
|
|
b62b43 |
+ MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS;
|
|
|
b62b43 |
+ ctx->max_total_mime_parts = set->max_total_mime_parts != 0 ?
|
|
|
b62b43 |
+ set->max_total_mime_parts :
|
|
|
b62b43 |
+ MESSAGE_PARSER_DEFAULT_MAX_TOTAL_MIME_PARTS;
|
|
|
b62b43 |
ctx->input = input;
|
|
|
b62b43 |
i_stream_ref(input);
|
|
|
b62b43 |
return ctx;
|
|
|
b62b43 |
@@ -1051,32 +755,17 @@ message_parser_init_int(struct istream *
|
|
|
b62b43 |
|
|
|
b62b43 |
struct message_parser_ctx *
|
|
|
b62b43 |
message_parser_init(pool_t part_pool, struct istream *input,
|
|
|
b62b43 |
- enum message_header_parser_flags hdr_flags,
|
|
|
b62b43 |
- enum message_parser_flags flags)
|
|
|
b62b43 |
+ const struct message_parser_settings *set)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
struct message_parser_ctx *ctx;
|
|
|
b62b43 |
|
|
|
b62b43 |
- ctx = message_parser_init_int(input, hdr_flags, flags);
|
|
|
b62b43 |
+ ctx = message_parser_init_int(input, set);
|
|
|
b62b43 |
ctx->part_pool = part_pool;
|
|
|
b62b43 |
ctx->parts = ctx->part = p_new(part_pool, struct message_part, 1);
|
|
|
b62b43 |
+ ctx->next_part = &ctx->part->children;
|
|
|
b62b43 |
ctx->parse_next_block = parse_next_header_init;
|
|
|
b62b43 |
- return ctx;
|
|
|
b62b43 |
-}
|
|
|
b62b43 |
-
|
|
|
b62b43 |
-struct message_parser_ctx *
|
|
|
b62b43 |
-message_parser_init_from_parts(struct message_part *parts,
|
|
|
b62b43 |
- struct istream *input,
|
|
|
b62b43 |
- enum message_header_parser_flags hdr_flags,
|
|
|
b62b43 |
- enum message_parser_flags flags)
|
|
|
b62b43 |
-{
|
|
|
b62b43 |
- struct message_parser_ctx *ctx;
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- i_assert(parts != NULL);
|
|
|
b62b43 |
-
|
|
|
b62b43 |
- ctx = message_parser_init_int(input, hdr_flags, flags);
|
|
|
b62b43 |
- ctx->preparsed = TRUE;
|
|
|
b62b43 |
- ctx->parts = ctx->part = parts;
|
|
|
b62b43 |
- ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
+ ctx->total_parts_count = 1;
|
|
|
b62b43 |
+ i_array_init(&ctx->next_part_stack, 4);
|
|
|
b62b43 |
return ctx;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -1103,8 +792,15 @@ int message_parser_deinit_from_parts(str
|
|
|
b62b43 |
|
|
|
b62b43 |
if (ctx->hdr_parser_ctx != NULL)
|
|
|
b62b43 |
message_parse_header_deinit(&ctx->hdr_parser_ctx);
|
|
|
b62b43 |
+ boundary_remove_until(ctx, NULL);
|
|
|
b62b43 |
+ /* caller might have stopped the parsing early */
|
|
|
b62b43 |
+ i_assert(ctx->nested_parts_count == 0 ||
|
|
|
b62b43 |
+ i_stream_have_bytes_left(ctx->input));
|
|
|
b62b43 |
+
|
|
|
b62b43 |
i_stream_unref(&ctx->input);
|
|
|
b62b43 |
- pool_unref(&ctx->parser_pool);
|
|
|
b62b43 |
+ array_free(&ctx->next_part_stack);
|
|
|
b62b43 |
+ i_free(ctx->last_boundary);
|
|
|
b62b43 |
+ i_free(ctx);
|
|
|
b62b43 |
i_assert(ret < 0 || *parts_r != NULL);
|
|
|
b62b43 |
return ret;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
@@ -1136,13 +832,8 @@ int message_parser_parse_next_block(stru
|
|
|
b62b43 |
i_assert(ctx->input->eof || ctx->input->closed ||
|
|
|
b62b43 |
ctx->input->stream_errno != 0 ||
|
|
|
b62b43 |
ctx->broken_reason != NULL);
|
|
|
b62b43 |
- while (ctx->part->parent != NULL) {
|
|
|
b62b43 |
- message_size_add(&ctx->part->parent->body_size,
|
|
|
b62b43 |
- &ctx->part->body_size);
|
|
|
b62b43 |
- message_size_add(&ctx->part->parent->body_size,
|
|
|
b62b43 |
- &ctx->part->header_size);
|
|
|
b62b43 |
- ctx->part = ctx->part->parent;
|
|
|
b62b43 |
- }
|
|
|
b62b43 |
+ while (ctx->part->parent != NULL)
|
|
|
b62b43 |
+ message_part_finish(ctx);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
if (block_r->size == 0) {
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/message-parser-from-parts.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/message-parser-from-parts.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/message-parser-from-parts.c.CVE_2020_12100 2020-08-07 12:29:39.972827528 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/message-parser-from-parts.c 2020-08-07 12:29:39.975827486 +0200
|
|
|
b62b43 |
@@ -0,0 +1,365 @@
|
|
|
b62b43 |
+/* Copyright (c) 2002-2018 Dovecot authors, see the included COPYING file */
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+#include "lib.h"
|
|
|
b62b43 |
+#include "istream.h"
|
|
|
b62b43 |
+#include "message-parser-private.h"
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_epilogue_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r);
|
|
|
b62b43 |
+static int preparsed_parse_next_header_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_eof(struct message_parser_ctx *ctx ATTR_UNUSED,
|
|
|
b62b43 |
+ struct message_block *block_r ATTR_UNUSED)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void preparsed_skip_to_next(struct message_parser_ctx *ctx)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
+ while (ctx->part != NULL) {
|
|
|
b62b43 |
+ if (ctx->part->next != NULL) {
|
|
|
b62b43 |
+ ctx->part = ctx->part->next;
|
|
|
b62b43 |
+ break;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* parse epilogue of multipart parent if requested */
|
|
|
b62b43 |
+ if (ctx->part->parent != NULL &&
|
|
|
b62b43 |
+ (ctx->part->parent->flags & MESSAGE_PART_FLAG_MULTIPART) != 0 &&
|
|
|
b62b43 |
+ (ctx->flags & MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS) != 0) {
|
|
|
b62b43 |
+ /* check for presence of epilogue */
|
|
|
b62b43 |
+ uoff_t part_end = ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size +
|
|
|
b62b43 |
+ ctx->part->body_size.physical_size;
|
|
|
b62b43 |
+ uoff_t parent_end = ctx->part->parent->physical_pos +
|
|
|
b62b43 |
+ ctx->part->parent->header_size.physical_size +
|
|
|
b62b43 |
+ ctx->part->parent->body_size.physical_size;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (parent_end > part_end) {
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_epilogue_init;
|
|
|
b62b43 |
+ break;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ ctx->part = ctx->part->parent;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ if (ctx->part == NULL)
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_eof;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_body_finish(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ i_stream_skip(ctx->input, ctx->skip);
|
|
|
b62b43 |
+ ctx->skip = 0;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ preparsed_skip_to_next(ctx);
|
|
|
b62b43 |
+ return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_prologue_finish(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ i_stream_skip(ctx->input, ctx->skip);
|
|
|
b62b43 |
+ ctx->skip = 0;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
+ ctx->part = ctx->part->children;
|
|
|
b62b43 |
+ return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_body_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ uoff_t end_offset = ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size +
|
|
|
b62b43 |
+ ctx->part->body_size.physical_size;
|
|
|
b62b43 |
+ bool full;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
+ return ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (ctx->input->v_offset + block_r->size >= end_offset) {
|
|
|
b62b43 |
+ block_r->size = end_offset - ctx->input->v_offset;
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_body_finish;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ ctx->skip = block_r->size;
|
|
|
b62b43 |
+ return 1;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_prologue_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ uoff_t boundary_min_start, end_offset;
|
|
|
b62b43 |
+ const unsigned char *cur;
|
|
|
b62b43 |
+ bool full;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_assert(ctx->part->children != NULL);
|
|
|
b62b43 |
+ end_offset = ctx->part->children->physical_pos;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
+ return ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (ctx->input->v_offset + block_r->size >= end_offset) {
|
|
|
b62b43 |
+ /* we've got the full prologue: clip off the initial boundary */
|
|
|
b62b43 |
+ block_r->size = end_offset - ctx->input->v_offset;
|
|
|
b62b43 |
+ cur = block_r->data + block_r->size - 1;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* [\r]\n--boundary[\r]\n */
|
|
|
b62b43 |
+ if (block_r->size < 5 || *cur != '\n') {
|
|
|
b62b43 |
+ ctx->broken_reason = "Prologue boundary end not at expected position";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ cur--;
|
|
|
b62b43 |
+ if (*cur == '\r') cur--;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* find newline just before boundary */
|
|
|
b62b43 |
+ for (; cur >= block_r->data; cur--) {
|
|
|
b62b43 |
+ if (*cur == '\n') break;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (cur[0] != '\n' || cur[1] != '-' || cur[2] != '-') {
|
|
|
b62b43 |
+ ctx->broken_reason = "Prologue boundary beginning not at expected position";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (cur != block_r->data && cur[-1] == '\r') cur--;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* clip boundary */
|
|
|
b62b43 |
+ block_r->size = cur - block_r->data;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_prologue_finish;
|
|
|
b62b43 |
+ ctx->skip = block_r->size;
|
|
|
b62b43 |
+ return 1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* retain enough data in the stream buffer to contain initial boundary */
|
|
|
b62b43 |
+ if (end_offset > BOUNDARY_END_MAX_LEN)
|
|
|
b62b43 |
+ boundary_min_start = end_offset - BOUNDARY_END_MAX_LEN;
|
|
|
b62b43 |
+ else
|
|
|
b62b43 |
+ boundary_min_start = 0;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (ctx->input->v_offset + block_r->size >= boundary_min_start) {
|
|
|
b62b43 |
+ if (boundary_min_start <= ctx->input->v_offset)
|
|
|
b62b43 |
+ return 0;
|
|
|
b62b43 |
+ block_r->size = boundary_min_start - ctx->input->v_offset;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ ctx->skip = block_r->size;
|
|
|
b62b43 |
+ return 1;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_epilogue_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ uoff_t end_offset = ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size +
|
|
|
b62b43 |
+ ctx->part->body_size.physical_size;
|
|
|
b62b43 |
+ bool full;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
+ return ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (ctx->input->v_offset + block_r->size >= end_offset) {
|
|
|
b62b43 |
+ block_r->size = end_offset - ctx->input->v_offset;
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_body_finish;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ ctx->skip = block_r->size;
|
|
|
b62b43 |
+ return 1;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_epilogue_boundary(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ uoff_t end_offset = ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size +
|
|
|
b62b43 |
+ ctx->part->body_size.physical_size;
|
|
|
b62b43 |
+ const unsigned char *data, *cur;
|
|
|
b62b43 |
+ size_t size;
|
|
|
b62b43 |
+ bool full;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (end_offset - ctx->input->v_offset < 7) {
|
|
|
b62b43 |
+ ctx->broken_reason = "Epilogue position is wrong";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if ((ret = message_parser_read_more(ctx, block_r, &full)) <= 0)
|
|
|
b62b43 |
+ return ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* [\r]\n--boundary--[\r]\n */
|
|
|
b62b43 |
+ if (block_r->size < 7) {
|
|
|
b62b43 |
+ ctx->want_count = 7;
|
|
|
b62b43 |
+ return 0;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ data = block_r->data;
|
|
|
b62b43 |
+ size = block_r->size;
|
|
|
b62b43 |
+ cur = data;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (*cur == '\r') cur++;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (cur[0] != '\n' || cur[1] != '-' || data[2] != '-') {
|
|
|
b62b43 |
+ ctx->broken_reason = "Epilogue boundary start not at expected position";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* find the end of the line */
|
|
|
b62b43 |
+ cur += 3;
|
|
|
b62b43 |
+ if ((cur = memchr(cur, '\n', size - (cur-data))) == NULL) {
|
|
|
b62b43 |
+ if (end_offset < ctx->input->v_offset + size) {
|
|
|
b62b43 |
+ ctx->broken_reason = "Epilogue boundary end not at expected position";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ } else if (ctx->input->v_offset + size < end_offset &&
|
|
|
b62b43 |
+ size < BOUNDARY_END_MAX_LEN &&
|
|
|
b62b43 |
+ !ctx->input->eof && !full) {
|
|
|
b62b43 |
+ ctx->want_count = BOUNDARY_END_MAX_LEN;
|
|
|
b62b43 |
+ return 0;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ block_r->size = 0;
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_epilogue_more;
|
|
|
b62b43 |
+ ctx->skip = cur - data + 1;
|
|
|
b62b43 |
+ return 0;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_body_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ uoff_t offset = ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (offset < ctx->input->v_offset) {
|
|
|
b62b43 |
+ /* header was actually larger than the cached size suggested */
|
|
|
b62b43 |
+ ctx->broken_reason = "Header larger than its cached size";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ i_stream_skip(ctx->input, offset - ctx->input->v_offset);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* multipart messages may begin with --boundary--, which makes them
|
|
|
b62b43 |
+ not have any children. */
|
|
|
b62b43 |
+ if ((ctx->part->flags & MESSAGE_PART_FLAG_MULTIPART) == 0 ||
|
|
|
b62b43 |
+ ctx->part->children == NULL)
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_body_more;
|
|
|
b62b43 |
+ else
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_prologue_more;
|
|
|
b62b43 |
+ return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_epilogue_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ uoff_t offset = ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size +
|
|
|
b62b43 |
+ ctx->part->body_size.physical_size;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->part = ctx->part->parent;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (offset < ctx->input->v_offset) {
|
|
|
b62b43 |
+ /* last child was actually larger than the cached size
|
|
|
b62b43 |
+ suggested */
|
|
|
b62b43 |
+ ctx->broken_reason = "Part larger than its cached size";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ i_stream_skip(ctx->input, offset - ctx->input->v_offset);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_epilogue_boundary;
|
|
|
b62b43 |
+ return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_finish_header(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ if (ctx->part->children != NULL) {
|
|
|
b62b43 |
+ if ((ctx->part->flags & MESSAGE_PART_FLAG_MULTIPART) != 0 &&
|
|
|
b62b43 |
+ (ctx->flags & MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS) != 0)
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_body_init;
|
|
|
b62b43 |
+ else {
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
+ ctx->part = ctx->part->children;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ } else if ((ctx->flags & MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK) == 0) {
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_body_init;
|
|
|
b62b43 |
+ } else {
|
|
|
b62b43 |
+ preparsed_skip_to_next(ctx);
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ return ctx->parse_next_block(ctx, block_r);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_next_header(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ struct message_header_line *hdr;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ret = message_parse_header_next(ctx->hdr_parser_ctx, &hdr);
|
|
|
b62b43 |
+ if (ret == 0 || (ret < 0 && ctx->input->stream_errno != 0)) {
|
|
|
b62b43 |
+ ctx->want_count = i_stream_get_data_size(ctx->input) + 1;
|
|
|
b62b43 |
+ return ret;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ if (hdr != NULL) {
|
|
|
b62b43 |
+ block_r->hdr = hdr;
|
|
|
b62b43 |
+ block_r->size = 0;
|
|
|
b62b43 |
+ return 1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ message_parse_header_deinit(&ctx->hdr_parser_ctx);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_finish_header;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* return empty block as end of headers */
|
|
|
b62b43 |
+ block_r->hdr = NULL;
|
|
|
b62b43 |
+ block_r->size = 0;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_assert(ctx->skip == 0);
|
|
|
b62b43 |
+ if (ctx->input->v_offset != ctx->part->physical_pos +
|
|
|
b62b43 |
+ ctx->part->header_size.physical_size) {
|
|
|
b62b43 |
+ ctx->broken_reason = "Cached header size mismatch";
|
|
|
b62b43 |
+ return -1;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+ return 1;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static int preparsed_parse_next_header_init(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ struct istream *hdr_input;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_assert(ctx->hdr_parser_ctx == NULL);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_assert(ctx->part->physical_pos >= ctx->input->v_offset);
|
|
|
b62b43 |
+ i_stream_skip(ctx->input, ctx->part->physical_pos -
|
|
|
b62b43 |
+ ctx->input->v_offset);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* the header may become truncated by --boundaries. limit the header
|
|
|
b62b43 |
+ stream's size to what it's supposed to be to avoid duplicating (and
|
|
|
b62b43 |
+ keeping in sync!) all the same complicated logic as in
|
|
|
b62b43 |
+ parse_next_header(). */
|
|
|
b62b43 |
+ hdr_input = i_stream_create_limit(ctx->input, ctx->part->header_size.physical_size);
|
|
|
b62b43 |
+ ctx->hdr_parser_ctx =
|
|
|
b62b43 |
+ message_parse_header_init(hdr_input, NULL, ctx->hdr_flags);
|
|
|
b62b43 |
+ i_stream_unref(&hdr_input);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_next_header;
|
|
|
b62b43 |
+ return preparsed_parse_next_header(ctx, block_r);
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+struct message_parser_ctx *
|
|
|
b62b43 |
+message_parser_init_from_parts(struct message_part *parts,
|
|
|
b62b43 |
+ struct istream *input,
|
|
|
b62b43 |
+ const struct message_parser_settings *set)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ struct message_parser_ctx *ctx;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_assert(parts != NULL);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ ctx = message_parser_init_int(input, set);
|
|
|
b62b43 |
+ ctx->preparsed = TRUE;
|
|
|
b62b43 |
+ ctx->parts = ctx->part = parts;
|
|
|
b62b43 |
+ ctx->parse_next_block = preparsed_parse_next_header_init;
|
|
|
b62b43 |
+ return ctx;
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/message-parser.h.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/message-parser.h
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/message-parser.h.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/message-parser.h 2020-08-07 12:29:39.978827444 +0200
|
|
|
b62b43 |
@@ -17,6 +17,21 @@ enum message_parser_flags {
|
|
|
b62b43 |
MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES = 0x08
|
|
|
b62b43 |
};
|
|
|
b62b43 |
|
|
|
b62b43 |
+#define MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS 100
|
|
|
b62b43 |
+#define MESSAGE_PARSER_DEFAULT_MAX_TOTAL_MIME_PARTS 10000
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+struct message_parser_settings {
|
|
|
b62b43 |
+ enum message_header_parser_flags hdr_flags;
|
|
|
b62b43 |
+ enum message_parser_flags flags;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ /* Maximum nested MIME parts.
|
|
|
b62b43 |
+ 0 = MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS. */
|
|
|
b62b43 |
+ unsigned int max_nested_mime_parts;
|
|
|
b62b43 |
+ /* Maximum MIME parts in total.
|
|
|
b62b43 |
+ 0 = MESSAGE_PARSER_DEFAULT_MAX_TOTAL_MIME_PARTS. */
|
|
|
b62b43 |
+ unsigned int max_total_mime_parts;
|
|
|
b62b43 |
+};
|
|
|
b62b43 |
+
|
|
|
b62b43 |
struct message_parser_ctx;
|
|
|
b62b43 |
|
|
|
b62b43 |
struct message_block {
|
|
|
b62b43 |
@@ -45,8 +60,7 @@ extern message_part_header_callback_t *n
|
|
|
b62b43 |
are allocated from. */
|
|
|
b62b43 |
struct message_parser_ctx *
|
|
|
b62b43 |
message_parser_init(pool_t part_pool, struct istream *input,
|
|
|
b62b43 |
- enum message_header_parser_flags hdr_flags,
|
|
|
b62b43 |
- enum message_parser_flags flags);
|
|
|
b62b43 |
+ const struct message_parser_settings *set);
|
|
|
b62b43 |
/* Deinitialize message parser. The ctx must NOT have been created by
|
|
|
b62b43 |
message_parser_init_from_parts(). */
|
|
|
b62b43 |
void message_parser_deinit(struct message_parser_ctx **ctx,
|
|
|
b62b43 |
@@ -55,8 +69,7 @@ void message_parser_deinit(struct messag
|
|
|
b62b43 |
struct message_parser_ctx *
|
|
|
b62b43 |
message_parser_init_from_parts(struct message_part *parts,
|
|
|
b62b43 |
struct istream *input,
|
|
|
b62b43 |
- enum message_header_parser_flags hdr_flags,
|
|
|
b62b43 |
- enum message_parser_flags flags);
|
|
|
b62b43 |
+ const struct message_parser_settings *set);
|
|
|
b62b43 |
/* Same as message_parser_deinit(), but return an error message describing
|
|
|
b62b43 |
why the preparsed parts didn't match the message. This can also safely be
|
|
|
b62b43 |
called even when preparsed parts weren't used - it'll always just return
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/message-parser-private.h.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/message-parser-private.h
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/message-parser-private.h.CVE_2020_12100 2020-08-07 12:29:39.972827528 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/message-parser-private.h 2020-08-07 12:29:39.978827444 +0200
|
|
|
b62b43 |
@@ -0,0 +1,62 @@
|
|
|
b62b43 |
+#ifndef MESSAGE_PARSER_PRIVATE_H
|
|
|
b62b43 |
+#define MESSAGE_PARSER_PRIVATE_H
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+#include "message-parser.h"
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+/* RFC-2046 requires boundaries are max. 70 chars + "--" prefix + "--" suffix.
|
|
|
b62b43 |
+ We'll add a bit more just in case. */
|
|
|
b62b43 |
+#define BOUNDARY_STRING_MAX_LEN (70 + 10)
|
|
|
b62b43 |
+#define BOUNDARY_END_MAX_LEN (BOUNDARY_STRING_MAX_LEN + 2 + 2)
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+struct message_boundary {
|
|
|
b62b43 |
+ struct message_boundary *next;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ struct message_part *part;
|
|
|
b62b43 |
+ char *boundary;
|
|
|
b62b43 |
+ size_t len;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ bool epilogue_found:1;
|
|
|
b62b43 |
+};
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+struct message_parser_ctx {
|
|
|
b62b43 |
+ pool_t part_pool;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts, *part;
|
|
|
b62b43 |
+ const char *broken_reason;
|
|
|
b62b43 |
+ unsigned int nested_parts_count;
|
|
|
b62b43 |
+ unsigned int total_parts_count;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ enum message_header_parser_flags hdr_flags;
|
|
|
b62b43 |
+ enum message_parser_flags flags;
|
|
|
b62b43 |
+ unsigned int max_nested_mime_parts;
|
|
|
b62b43 |
+ unsigned int max_total_mime_parts;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ char *last_boundary;
|
|
|
b62b43 |
+ struct message_boundary *boundaries;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ struct message_part **next_part;
|
|
|
b62b43 |
+ ARRAY(struct message_part **) next_part_stack;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ size_t skip;
|
|
|
b62b43 |
+ char last_chr;
|
|
|
b62b43 |
+ unsigned int want_count;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ struct message_header_parser_ctx *hdr_parser_ctx;
|
|
|
b62b43 |
+ unsigned int prev_hdr_newline_size;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ int (*parse_next_block)(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ bool part_seen_content_type:1;
|
|
|
b62b43 |
+ bool multipart:1;
|
|
|
b62b43 |
+ bool preparsed:1;
|
|
|
b62b43 |
+ bool eof:1;
|
|
|
b62b43 |
+};
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+struct message_parser_ctx *
|
|
|
b62b43 |
+message_parser_init_int(struct istream *input,
|
|
|
b62b43 |
+ const struct message_parser_settings *set);
|
|
|
b62b43 |
+int message_parser_read_more(struct message_parser_ctx *ctx,
|
|
|
b62b43 |
+ struct message_block *block_r, bool *full_r);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+#endif
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/message-search.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/message-search.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/message-search.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/message-search.c 2020-08-07 12:29:39.976827472 +0200
|
|
|
b62b43 |
@@ -196,8 +196,9 @@ message_search_msg_real(struct message_s
|
|
|
b62b43 |
struct istream *input, struct message_part *parts,
|
|
|
b62b43 |
const char **error_r)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
- const enum message_header_parser_flags hdr_parser_flags =
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_CLEAN_ONELINE;
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .hdr_flags = MESSAGE_HEADER_PARSER_FLAG_CLEAN_ONELINE,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct message_parser_ctx *parser_ctx;
|
|
|
b62b43 |
struct message_block raw_block;
|
|
|
b62b43 |
struct message_part *new_parts;
|
|
|
b62b43 |
@@ -207,10 +208,10 @@ message_search_msg_real(struct message_s
|
|
|
b62b43 |
|
|
|
b62b43 |
if (parts != NULL) {
|
|
|
b62b43 |
parser_ctx = message_parser_init_from_parts(parts,
|
|
|
b62b43 |
- input, hdr_parser_flags, 0);
|
|
|
b62b43 |
+ input, &parser_set);
|
|
|
b62b43 |
} else {
|
|
|
b62b43 |
parser_ctx = message_parser_init(pool_datastack_create(),
|
|
|
b62b43 |
- input, hdr_parser_flags, 0);
|
|
|
b62b43 |
+ input, &parser_set);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser_ctx,
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/message-snippet.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/message-snippet.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/message-snippet.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/message-snippet.c 2020-08-07 12:30:01.710525318 +0200
|
|
|
b62b43 |
@@ -99,6 +99,7 @@ int message_snippet_generate(struct istr
|
|
|
b62b43 |
unsigned int max_snippet_chars,
|
|
|
b62b43 |
string_t *snippet)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = { .flags = 0 };
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct message_part *parts;
|
|
|
b62b43 |
struct message_decoder_context *decoder;
|
|
|
b62b43 |
@@ -112,7 +113,7 @@ int message_snippet_generate(struct istr
|
|
|
b62b43 |
ctx.snippet = snippet;
|
|
|
b62b43 |
ctx.chars_left = max_snippet_chars;
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool_datastack_create(), input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool_datastack_create(), input, &parser_set);
|
|
|
b62b43 |
decoder = message_decoder_init(NULL, 0);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &raw_block)) > 0) {
|
|
|
b62b43 |
if (!message_decoder_decode_next_block(decoder, &raw_block, &block))
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/test-message-decoder.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/test-message-decoder.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/test-message-decoder.c.CVE_2020_12100 2020-08-07 12:29:39.970827555 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/test-message-decoder.c 2020-08-07 12:29:39.976827472 +0200
|
|
|
b62b43 |
@@ -105,6 +105,7 @@ static void test_message_decoder_multipa
|
|
|
b62b43 |
"\n"
|
|
|
b62b43 |
"?garbage\n"
|
|
|
b62b43 |
"--foo--\n";
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = { .flags = 0, };
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct message_decoder_context *decoder;
|
|
|
b62b43 |
struct message_part *parts;
|
|
|
b62b43 |
@@ -116,7 +117,8 @@ static void test_message_decoder_multipa
|
|
|
b62b43 |
test_begin("message decoder multipart");
|
|
|
b62b43 |
|
|
|
b62b43 |
istream = test_istream_create(test_message_input);
|
|
|
b62b43 |
- parser = message_parser_init(pool_datastack_create(), istream, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool_datastack_create(), istream,
|
|
|
b62b43 |
+ &parser_set);
|
|
|
b62b43 |
decoder = message_decoder_init(NULL, 0);
|
|
|
b62b43 |
|
|
|
b62b43 |
test_istream_set_allow_eof(istream, FALSE);
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/test-message-parser.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/test-message-parser.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/test-message-parser.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/test-message-parser.c 2020-08-07 12:29:39.979827431 +0200
|
|
|
b62b43 |
@@ -39,6 +39,8 @@ static const char test_msg[] =
|
|
|
b62b43 |
"\n";
|
|
|
b62b43 |
#define TEST_MSG_LEN (sizeof(test_msg)-1)
|
|
|
b62b43 |
|
|
|
b62b43 |
+static const struct message_parser_settings set_empty = { .flags = 0 };
|
|
|
b62b43 |
+
|
|
|
b62b43 |
static bool msg_parts_cmp(struct message_part *p1, struct message_part *p2)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
while (p1 != NULL || p2 != NULL) {
|
|
|
b62b43 |
@@ -59,6 +61,7 @@ static bool msg_parts_cmp(struct message
|
|
|
b62b43 |
p1->body_size.physical_size != p2->body_size.physical_size ||
|
|
|
b62b43 |
p1->body_size.virtual_size != p2->body_size.virtual_size ||
|
|
|
b62b43 |
p1->body_size.lines != p2->body_size.lines ||
|
|
|
b62b43 |
+ p1->children_count != p2->children_count ||
|
|
|
b62b43 |
p1->flags != p2->flags)
|
|
|
b62b43 |
return FALSE;
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -70,6 +73,9 @@ static bool msg_parts_cmp(struct message
|
|
|
b62b43 |
|
|
|
b62b43 |
static void test_parsed_parts(struct istream *input, struct message_part *parts)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct message_block block;
|
|
|
b62b43 |
struct message_part *parts2;
|
|
|
b62b43 |
@@ -81,8 +87,7 @@ static void test_parsed_parts(struct ist
|
|
|
b62b43 |
if (i_stream_get_size(input, TRUE, &input_size) < 0)
|
|
|
b62b43 |
i_unreached();
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init_from_parts(parts, input, 0,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK);
|
|
|
b62b43 |
+ parser = message_parser_init_from_parts(parts, input, &parser_set);
|
|
|
b62b43 |
for (i = 1; i <= input_size*2+1; i++) {
|
|
|
b62b43 |
test_istream_set_size(input, i/2);
|
|
|
b62b43 |
if (i > TEST_MSG_LEN*2)
|
|
|
b62b43 |
@@ -112,9 +117,11 @@ static void test_message_parser_small_bl
|
|
|
b62b43 |
output = t_str_new(128);
|
|
|
b62b43 |
|
|
|
b62b43 |
/* full parsing */
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS |
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES);
|
|
|
b62b43 |
+ const struct message_parser_settings full_parser_set = {
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_INCLUDE_MULTIPART_BLOCKS |
|
|
|
b62b43 |
+ MESSAGE_PARSER_FLAG_INCLUDE_BOUNDARIES,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &full_parser_set);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) {
|
|
|
b62b43 |
if (block.hdr != NULL)
|
|
|
b62b43 |
message_header_line_write(output, block.hdr);
|
|
|
b62b43 |
@@ -130,7 +137,7 @@ static void test_message_parser_small_bl
|
|
|
b62b43 |
i_stream_seek(input, 0);
|
|
|
b62b43 |
test_istream_set_allow_eof(input, FALSE);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
for (i = 1; i <= TEST_MSG_LEN*2+1; i++) {
|
|
|
b62b43 |
test_istream_set_size(input, i/2);
|
|
|
b62b43 |
if (i > TEST_MSG_LEN*2)
|
|
|
b62b43 |
@@ -148,8 +155,11 @@ static void test_message_parser_small_bl
|
|
|
b62b43 |
test_istream_set_allow_eof(input, FALSE);
|
|
|
b62b43 |
|
|
|
b62b43 |
end_of_headers_idx = (strstr(test_msg, "\n-----") - test_msg);
|
|
|
b62b43 |
- parser = message_parser_init_from_parts(parts, input, 0,
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK);
|
|
|
b62b43 |
+ const struct message_parser_settings preparsed_parser_set = {
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
+ parser = message_parser_init_from_parts(parts, input,
|
|
|
b62b43 |
+ &preparsed_parser_set);
|
|
|
b62b43 |
for (i = 1; i <= TEST_MSG_LEN*2+1; i++) {
|
|
|
b62b43 |
test_istream_set_size(input, i/2);
|
|
|
b62b43 |
if (i > TEST_MSG_LEN*2)
|
|
|
b62b43 |
@@ -167,6 +177,36 @@ static void test_message_parser_small_bl
|
|
|
b62b43 |
test_end();
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
+static void test_message_parser_stop_early(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ unsigned int i;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser in stop early");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(test_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_istream_set_allow_eof(input, FALSE);
|
|
|
b62b43 |
+ for (i = 1; i <= TEST_MSG_LEN+1; i++) {
|
|
|
b62b43 |
+ i_stream_seek(input, 0);
|
|
|
b62b43 |
+ test_istream_set_size(input, i);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser,
|
|
|
b62b43 |
+ &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret == 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
static void test_message_parser_truncated_mime_headers(void)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
static const char input_msg[] =
|
|
|
b62b43 |
@@ -191,12 +231,13 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
test_assert((parts->flags & MESSAGE_PART_FLAG_MULTIPART) != 0);
|
|
|
b62b43 |
+ test_assert(parts->children_count == 4);
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 48);
|
|
|
b62b43 |
test_assert(parts->header_size.virtual_size == 48+2);
|
|
|
b62b43 |
@@ -220,6 +261,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->children->next->next->next->header_size.virtual_size == 23);
|
|
|
b62b43 |
test_assert(parts->children->next->next->next->header_size.lines == 0);
|
|
|
b62b43 |
for (part = parts->children; part != NULL; part = part->next) {
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
test_assert(part->body_size.physical_size == 0);
|
|
|
b62b43 |
test_assert(part->body_size.virtual_size == 0);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
@@ -254,12 +296,13 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(parts->children_count == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 46);
|
|
|
b62b43 |
test_assert(parts->header_size.virtual_size == 46+2);
|
|
|
b62b43 |
@@ -267,6 +310,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->body_size.physical_size == 86);
|
|
|
b62b43 |
test_assert(parts->body_size.virtual_size == 86+8);
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->children->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->physical_pos == 51);
|
|
|
b62b43 |
test_assert(parts->children->header_size.lines == 1);
|
|
|
b62b43 |
@@ -276,6 +320,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->children->body_size.physical_size == 0);
|
|
|
b62b43 |
test_assert(parts->children->children == NULL);
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children->next->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->children->next->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->next->physical_pos == 101);
|
|
|
b62b43 |
test_assert(parts->children->next->header_size.lines == 2);
|
|
|
b62b43 |
@@ -307,11 +352,12 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 1);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 45);
|
|
|
b62b43 |
@@ -344,11 +390,12 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 46);
|
|
|
b62b43 |
@@ -388,11 +435,12 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children_count == 2);
|
|
|
b62b43 |
test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 45);
|
|
|
b62b43 |
@@ -400,6 +448,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->body_size.lines == 7);
|
|
|
b62b43 |
test_assert(parts->body_size.physical_size == 84);
|
|
|
b62b43 |
test_assert(parts->body_size.virtual_size == 84+7);
|
|
|
b62b43 |
+ test_assert(parts->children->children_count == 1);
|
|
|
b62b43 |
test_assert(parts->children->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->physical_pos == 49);
|
|
|
b62b43 |
test_assert(parts->children->header_size.lines == 2);
|
|
|
b62b43 |
@@ -408,6 +457,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->children->body_size.lines == 4);
|
|
|
b62b43 |
test_assert(parts->children->body_size.physical_size == 35);
|
|
|
b62b43 |
test_assert(parts->children->body_size.virtual_size == 35+4);
|
|
|
b62b43 |
+ test_assert(parts->children->children->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->children->children->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->children->physical_pos == 98);
|
|
|
b62b43 |
test_assert(parts->children->children->header_size.lines == 2);
|
|
|
b62b43 |
@@ -446,11 +496,12 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children_count == 2);
|
|
|
b62b43 |
test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 45);
|
|
|
b62b43 |
@@ -458,6 +509,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->body_size.lines == 7);
|
|
|
b62b43 |
test_assert(parts->body_size.physical_size == 86);
|
|
|
b62b43 |
test_assert(parts->body_size.virtual_size == 86+7);
|
|
|
b62b43 |
+ test_assert(parts->children->children_count == 1);
|
|
|
b62b43 |
test_assert(parts->children->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->physical_pos == 50);
|
|
|
b62b43 |
test_assert(parts->children->header_size.lines == 2);
|
|
|
b62b43 |
@@ -466,6 +518,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->children->body_size.lines == 4);
|
|
|
b62b43 |
test_assert(parts->children->body_size.physical_size == 36);
|
|
|
b62b43 |
test_assert(parts->children->body_size.virtual_size == 36+4);
|
|
|
b62b43 |
+ test_assert(parts->children->children->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->children->children->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->children->physical_pos == 100);
|
|
|
b62b43 |
test_assert(parts->children->children->header_size.lines == 2);
|
|
|
b62b43 |
@@ -481,6 +534,51 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_end();
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
+static void test_message_parser_trailing_dashes(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+static const char input_msg[] =
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"a--\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--a--\n"
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"a----\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--a----\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"body\n"
|
|
|
b62b43 |
+"--a------\n"
|
|
|
b62b43 |
+"Content-Type: text/html\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"body2\n"
|
|
|
b62b43 |
+"--a----";
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser trailing dashes");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(input_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret < 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_assert(parts->children_count == 2);
|
|
|
b62b43 |
+ test_assert(parts->children->next == NULL);
|
|
|
b62b43 |
+ test_assert(parts->children->children_count == 1);
|
|
|
b62b43 |
+ test_assert(parts->children->children->next == NULL);
|
|
|
b62b43 |
+ test_assert(parts->children->children->children_count == 0);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_parsed_parts(input, parts);
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
static void test_message_parser_continuing_mime_boundary(void)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
static const char input_msg[] =
|
|
|
b62b43 |
@@ -504,11 +602,12 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
+ test_assert(parts->children_count == 2);
|
|
|
b62b43 |
test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(parts->header_size.physical_size == 45);
|
|
|
b62b43 |
@@ -516,6 +615,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->body_size.lines == 7);
|
|
|
b62b43 |
test_assert(parts->body_size.physical_size == 86);
|
|
|
b62b43 |
test_assert(parts->body_size.virtual_size == 86+7);
|
|
|
b62b43 |
+ test_assert(parts->children->children_count == 1);
|
|
|
b62b43 |
test_assert(parts->children->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->physical_pos == 49);
|
|
|
b62b43 |
test_assert(parts->children->header_size.lines == 2);
|
|
|
b62b43 |
@@ -524,6 +624,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(parts->children->body_size.lines == 4);
|
|
|
b62b43 |
test_assert(parts->children->body_size.physical_size == 36);
|
|
|
b62b43 |
test_assert(parts->children->body_size.virtual_size == 36+4);
|
|
|
b62b43 |
+ test_assert(parts->children->children->children_count == 0);
|
|
|
b62b43 |
test_assert(parts->children->children->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(parts->children->children->physical_pos == 100);
|
|
|
b62b43 |
test_assert(parts->children->children->header_size.lines == 2);
|
|
|
b62b43 |
@@ -563,12 +664,13 @@ static const char input_msg[] =
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
test_assert(ret < 0);
|
|
|
b62b43 |
message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
|
|
|
b62b43 |
part = parts;
|
|
|
b62b43 |
+ test_assert(part->children_count == 3);
|
|
|
b62b43 |
test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
test_assert(part->header_size.physical_size == 45);
|
|
|
b62b43 |
@@ -578,6 +680,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(part->body_size.virtual_size == 112+9);
|
|
|
b62b43 |
|
|
|
b62b43 |
part = parts->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(part->physical_pos == 49);
|
|
|
b62b43 |
test_assert(part->header_size.lines == 1);
|
|
|
b62b43 |
@@ -591,6 +694,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
we could make it, but it would complicate the message-parser even
|
|
|
b62b43 |
more. */
|
|
|
b62b43 |
part = parts->children->next;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(part->physical_pos == 117);
|
|
|
b62b43 |
test_assert(part->header_size.lines == 1);
|
|
|
b62b43 |
@@ -601,6 +705,7 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_assert(part->children == NULL);
|
|
|
b62b43 |
|
|
|
b62b43 |
part = parts->children->next->next;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
test_assert(part->header_size.lines == 0);
|
|
|
b62b43 |
test_assert(part->header_size.physical_size == 0);
|
|
|
b62b43 |
@@ -615,6 +720,80 @@ static const char input_msg[] =
|
|
|
b62b43 |
test_end();
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
+static void test_message_parser_continuing_mime_boundary_reverse(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+static const char input_msg[] =
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"ab\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--ab\n"
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"a\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--a\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"body\n"
|
|
|
b62b43 |
+"--ab\n"
|
|
|
b62b43 |
+"Content-Type: text/html\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"body2\n";
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser continuing mime boundary reverse");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(input_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret < 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_assert(parts->children_count == 3);
|
|
|
b62b43 |
+ test_assert(parts->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(parts->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(parts->header_size.physical_size == 46);
|
|
|
b62b43 |
+ test_assert(parts->header_size.virtual_size == 46+2);
|
|
|
b62b43 |
+ test_assert(parts->body_size.lines == 11);
|
|
|
b62b43 |
+ test_assert(parts->body_size.physical_size == 121);
|
|
|
b62b43 |
+ test_assert(parts->body_size.virtual_size == 121+11);
|
|
|
b62b43 |
+ test_assert(parts->children->children_count == 1);
|
|
|
b62b43 |
+ test_assert(parts->children->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(parts->children->physical_pos == 51);
|
|
|
b62b43 |
+ test_assert(parts->children->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(parts->children->header_size.physical_size == 45);
|
|
|
b62b43 |
+ test_assert(parts->children->header_size.virtual_size == 45+2);
|
|
|
b62b43 |
+ test_assert(parts->children->body_size.lines == 3);
|
|
|
b62b43 |
+ test_assert(parts->children->body_size.physical_size == 34);
|
|
|
b62b43 |
+ test_assert(parts->children->body_size.virtual_size == 34+3);
|
|
|
b62b43 |
+ test_assert(parts->children->children->children_count == 0);
|
|
|
b62b43 |
+ test_assert(parts->children->children->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(parts->children->children->physical_pos == 100);
|
|
|
b62b43 |
+ test_assert(parts->children->children->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(parts->children->children->header_size.physical_size == 26);
|
|
|
b62b43 |
+ test_assert(parts->children->children->header_size.virtual_size == 26+2);
|
|
|
b62b43 |
+ test_assert(parts->children->children->body_size.lines == 0);
|
|
|
b62b43 |
+ test_assert(parts->children->children->body_size.physical_size == 4);
|
|
|
b62b43 |
+ test_assert(parts->children->children->body_size.virtual_size == 4);
|
|
|
b62b43 |
+ test_assert(parts->children->next->children_count == 0);
|
|
|
b62b43 |
+ test_assert(parts->children->next->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(parts->children->next->physical_pos == 136);
|
|
|
b62b43 |
+ test_assert(parts->children->next->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(parts->children->next->header_size.physical_size == 25);
|
|
|
b62b43 |
+ test_assert(parts->children->next->header_size.virtual_size == 25+2);
|
|
|
b62b43 |
+ test_assert(parts->children->next->body_size.lines == 1);
|
|
|
b62b43 |
+ test_assert(parts->children->next->body_size.physical_size == 6);
|
|
|
b62b43 |
+ test_assert(parts->children->next->body_size.virtual_size == 6+1);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_parsed_parts(input, parts);
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
static void test_message_parser_no_eoh(void)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
static const char input_msg[] = "a:b\n";
|
|
|
b62b43 |
@@ -628,7 +807,7 @@ static void test_message_parser_no_eoh(v
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = test_istream_create(input_msg);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
test_assert(message_parser_parse_next_block(parser, &block) > 0 &&
|
|
|
b62b43 |
block.hdr != NULL && strcmp(block.hdr->name, "a") == 0 &&
|
|
|
b62b43 |
block.hdr->value_len == 1 && block.hdr->value[0] == 'b');
|
|
|
b62b43 |
@@ -643,19 +822,335 @@ static void test_message_parser_no_eoh(v
|
|
|
b62b43 |
test_end();
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
+static void test_message_parser_long_mime_boundary(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+ /* Close the boundaries in wrong reverse order. But because all
|
|
|
b62b43 |
+ boundaries are actually truncated to the same size (..890) it
|
|
|
b62b43 |
+ works the same as if all of them were duplicate boundaries. */
|
|
|
b62b43 |
+static const char input_msg[] =
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"1234567890123456789012345678901234567890123456789012345678901234567890123456789012\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--1234567890123456789012345678901234567890123456789012345678901234567890123456789012\n"
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"123456789012345678901234567890123456789012345678901234567890123456789012345678901\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--123456789012345678901234567890123456789012345678901234567890123456789012345678901\n"
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"12345678901234567890123456789012345678901234567890123456789012345678901234567890\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--12345678901234567890123456789012345678901234567890123456789012345678901234567890\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"1\n"
|
|
|
b62b43 |
+"--1234567890123456789012345678901234567890123456789012345678901234567890123456789012\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"22\n"
|
|
|
b62b43 |
+"--123456789012345678901234567890123456789012345678901234567890123456789012345678901\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"333\n"
|
|
|
b62b43 |
+"--12345678901234567890123456789012345678901234567890123456789012345678901234567890\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"4444\n";
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts, *part;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser long mime boundary");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(input_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set_empty);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret < 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts;
|
|
|
b62b43 |
+ test_assert(part->children_count == 6);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 126);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 126+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 22);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 871);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 871+22);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 5);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 125);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 125+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 19);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 661);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 661+19);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 4);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 124);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 124+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 16);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 453);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 453+16);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children->children->children;
|
|
|
b62b43 |
+ for (unsigned int i = 1; i <= 3; i++, part = part->next) {
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 26);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 26+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 0);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == i);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == i);
|
|
|
b62b43 |
+ }
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_parsed_parts(input, parts);
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void test_message_parser_mime_part_nested_limit(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+static const char input_msg[] =
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"1\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--1\n"
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"2\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--2\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"1\n"
|
|
|
b62b43 |
+"--2\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"22\n"
|
|
|
b62b43 |
+"--1\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"333\n";
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .max_nested_mime_parts = 2,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts, *part;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser mime part nested limit");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(input_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &parser_set);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret < 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts;
|
|
|
b62b43 |
+ test_assert(part->children_count == 2);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 45);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 45+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 15);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 148);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 148+15);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
+ test_assert(part->flags == MESSAGE_PART_FLAG_IS_MIME);
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 45);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 45+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 7);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 64);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 64+7);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children->next;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 26);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 26+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 1);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 4);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 4+1);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_parsed_parts(input, parts);
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void test_message_parser_mime_part_nested_limit_rfc822(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+static const char input_msg[] =
|
|
|
b62b43 |
+"Content-Type: message/rfc822\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"Content-Type: message/rfc822\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"1\n";
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .max_nested_mime_parts = 2,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts, *part;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser mime part nested limit rfc822");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(input_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &parser_set);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret < 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts;
|
|
|
b62b43 |
+ test_assert(part->children_count == 1);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MESSAGE_RFC822 | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 30);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 30+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 5);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 58);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 58+5);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
+ test_assert(part->flags == MESSAGE_PART_FLAG_IS_MIME);
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 30);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 30+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 3);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 28);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 28+3);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_parsed_parts(input, parts);
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+static void test_message_parser_mime_part_limit(void)
|
|
|
b62b43 |
+{
|
|
|
b62b43 |
+static const char input_msg[] =
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"1\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--1\n"
|
|
|
b62b43 |
+"Content-Type: multipart/mixed; boundary=\"2\"\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"--2\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"1\n"
|
|
|
b62b43 |
+"--2\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"22\n"
|
|
|
b62b43 |
+"--1\n"
|
|
|
b62b43 |
+"Content-Type: text/plain\n"
|
|
|
b62b43 |
+"\n"
|
|
|
b62b43 |
+"333\n";
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .max_total_mime_parts = 4,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
+ struct message_parser_ctx *parser;
|
|
|
b62b43 |
+ struct istream *input;
|
|
|
b62b43 |
+ struct message_part *parts, *part;
|
|
|
b62b43 |
+ struct message_block block;
|
|
|
b62b43 |
+ pool_t pool;
|
|
|
b62b43 |
+ int ret;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_begin("message parser mime part limit");
|
|
|
b62b43 |
+ pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
+ input = test_istream_create(input_msg);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &parser_set);
|
|
|
b62b43 |
+ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ;
|
|
|
b62b43 |
+ test_assert(ret < 0);
|
|
|
b62b43 |
+ message_parser_deinit(&parser, &parts;;
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts;
|
|
|
b62b43 |
+ test_assert(part->children_count == 3);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 45);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 45+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 15);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 148);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 148+15);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 2);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 45);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 45+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 12);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 99);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 99+12);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children->children;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 26);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 26+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 0);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 1);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 1);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ part = parts->children->children->next;
|
|
|
b62b43 |
+ test_assert(part->children_count == 0);
|
|
|
b62b43 |
+ test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME));
|
|
|
b62b43 |
+ test_assert(part->header_size.lines == 2);
|
|
|
b62b43 |
+ test_assert(part->header_size.physical_size == 26);
|
|
|
b62b43 |
+ test_assert(part->header_size.virtual_size == 26+2);
|
|
|
b62b43 |
+ test_assert(part->body_size.lines == 5);
|
|
|
b62b43 |
+ test_assert(part->body_size.physical_size == 37);
|
|
|
b62b43 |
+ test_assert(part->body_size.virtual_size == 37+5);
|
|
|
b62b43 |
+
|
|
|
b62b43 |
+ test_parsed_parts(input, parts);
|
|
|
b62b43 |
+ i_stream_unref(&input);
|
|
|
b62b43 |
+ pool_unref(&pool);
|
|
|
b62b43 |
+ test_end();
|
|
|
b62b43 |
+}
|
|
|
b62b43 |
+
|
|
|
b62b43 |
int main(void)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
static void (*const test_functions[])(void) = {
|
|
|
b62b43 |
test_message_parser_small_blocks,
|
|
|
b62b43 |
+ test_message_parser_stop_early,
|
|
|
b62b43 |
test_message_parser_truncated_mime_headers,
|
|
|
b62b43 |
test_message_parser_truncated_mime_headers2,
|
|
|
b62b43 |
test_message_parser_truncated_mime_headers3,
|
|
|
b62b43 |
test_message_parser_empty_multipart,
|
|
|
b62b43 |
test_message_parser_duplicate_mime_boundary,
|
|
|
b62b43 |
test_message_parser_garbage_suffix_mime_boundary,
|
|
|
b62b43 |
+ test_message_parser_trailing_dashes,
|
|
|
b62b43 |
test_message_parser_continuing_mime_boundary,
|
|
|
b62b43 |
test_message_parser_continuing_truncated_mime_boundary,
|
|
|
b62b43 |
+ test_message_parser_continuing_mime_boundary_reverse,
|
|
|
b62b43 |
+ test_message_parser_long_mime_boundary,
|
|
|
b62b43 |
test_message_parser_no_eoh,
|
|
|
b62b43 |
+ test_message_parser_mime_part_nested_limit,
|
|
|
b62b43 |
+ test_message_parser_mime_part_nested_limit_rfc822,
|
|
|
b62b43 |
+ test_message_parser_mime_part_limit,
|
|
|
b62b43 |
NULL
|
|
|
b62b43 |
};
|
|
|
b62b43 |
return test_run(test_functions);
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-mail/test-message-part.c.CVE_2020_12100 dovecot-2.3.8/src/lib-mail/test-message-part.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-mail/test-message-part.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-mail/test-message-part.c 2020-08-07 12:29:39.976827472 +0200
|
|
|
b62b43 |
@@ -65,6 +65,7 @@ static const char test_msg[] =
|
|
|
b62b43 |
|
|
|
b62b43 |
static void test_message_part_idx(void)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings set = { .flags = 0 };
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
struct istream *input;
|
|
|
b62b43 |
struct message_part *parts, *part, *prev_part;
|
|
|
b62b43 |
@@ -77,7 +78,7 @@ static void test_message_part_idx(void)
|
|
|
b62b43 |
pool = pool_alloconly_create("message parser", 10240);
|
|
|
b62b43 |
input = i_stream_create_from_data(test_msg, TEST_MSG_LEN);
|
|
|
b62b43 |
|
|
|
b62b43 |
- parser = message_parser_init(pool, input, 0, 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool, input, &set);
|
|
|
b62b43 |
while ((ret = message_parser_parse_next_block(parser, &block)) > 0) {
|
|
|
b62b43 |
part_idx = message_part_to_idx(block.part);
|
|
|
b62b43 |
test_assert(part_idx >= prev_idx);
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/lib-storage/index/index-mail-headers.c.CVE_2020_12100 dovecot-2.3.8/src/lib-storage/index/index-mail-headers.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/lib-storage/index/index-mail-headers.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/lib-storage/index/index-mail-headers.c 2020-08-07 12:31:09.948576696 +0200
|
|
|
b62b43 |
@@ -16,11 +16,11 @@
|
|
|
b62b43 |
#include "index-storage.h"
|
|
|
b62b43 |
#include "index-mail.h"
|
|
|
b62b43 |
|
|
|
b62b43 |
-static const enum message_header_parser_flags hdr_parser_flags =
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP |
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_DROP_CR;
|
|
|
b62b43 |
-static const enum message_parser_flags msg_parser_flags =
|
|
|
b62b43 |
- MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK;
|
|
|
b62b43 |
+static const struct message_parser_settings msg_parser_set = {
|
|
|
b62b43 |
+ .hdr_flags = MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP |
|
|
|
b62b43 |
+ MESSAGE_HEADER_PARSER_FLAG_DROP_CR,
|
|
|
b62b43 |
+ .flags = MESSAGE_PARSER_FLAG_SKIP_BODY_BLOCK,
|
|
|
b62b43 |
+};
|
|
|
b62b43 |
|
|
|
b62b43 |
static int header_line_cmp(const struct index_mail_line *l1,
|
|
|
b62b43 |
const struct index_mail_line *l2)
|
|
|
b62b43 |
@@ -397,7 +397,7 @@ index_mail_cache_parse_init(struct mail
|
|
|
b62b43 |
mail->data.parser_input = input;
|
|
|
b62b43 |
mail->data.parser_ctx =
|
|
|
b62b43 |
message_parser_init(mail->mail.data_pool, input,
|
|
|
b62b43 |
- hdr_parser_flags, msg_parser_flags);
|
|
|
b62b43 |
+ &msg_parser_set);
|
|
|
b62b43 |
i_stream_unref(&input);
|
|
|
b62b43 |
return input2;
|
|
|
b62b43 |
}
|
|
|
b62b43 |
@@ -426,14 +426,12 @@ static void index_mail_init_parser(struc
|
|
|
b62b43 |
data->parser_input = data->stream;
|
|
|
b62b43 |
data->parser_ctx = message_parser_init(mail->mail.data_pool,
|
|
|
b62b43 |
data->stream,
|
|
|
b62b43 |
- hdr_parser_flags,
|
|
|
b62b43 |
- msg_parser_flags);
|
|
|
b62b43 |
+ &msg_parser_set);
|
|
|
b62b43 |
} else {
|
|
|
b62b43 |
data->parser_ctx =
|
|
|
b62b43 |
message_parser_init_from_parts(data->parts,
|
|
|
b62b43 |
data->stream,
|
|
|
b62b43 |
- hdr_parser_flags,
|
|
|
b62b43 |
- msg_parser_flags);
|
|
|
b62b43 |
+ &msg_parser_set);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
}
|
|
|
b62b43 |
|
|
|
b62b43 |
@@ -466,7 +464,7 @@ int index_mail_parse_headers(struct inde
|
|
|
b62b43 |
i_assert(!data->save_bodystructure_body ||
|
|
|
b62b43 |
data->parser_ctx != NULL);
|
|
|
b62b43 |
message_parse_header(data->stream, &data->hdr_size,
|
|
|
b62b43 |
- hdr_parser_flags,
|
|
|
b62b43 |
+ msg_parser_set.hdr_flags,
|
|
|
b62b43 |
index_mail_parse_header_cb, mail);
|
|
|
b62b43 |
}
|
|
|
b62b43 |
if (index_mail_stream_check_failure(mail) < 0)
|
|
|
b62b43 |
@@ -521,7 +519,7 @@ int index_mail_headers_get_envelope(stru
|
|
|
b62b43 |
if (mail->data.envelope == NULL && stream != NULL) {
|
|
|
b62b43 |
/* we got the headers from cache - parse them to get the
|
|
|
b62b43 |
envelope */
|
|
|
b62b43 |
- message_parse_header(stream, NULL, hdr_parser_flags,
|
|
|
b62b43 |
+ message_parse_header(stream, NULL, msg_parser_set.hdr_flags,
|
|
|
b62b43 |
imap_envelope_parse_callback, mail);
|
|
|
b62b43 |
if (stream->stream_errno != 0) {
|
|
|
b62b43 |
index_mail_stream_log_failure_for(mail, stream);
|
|
|
b62b43 |
diff -up dovecot-2.3.8/src/plugins/fts/fts-build-mail.c.CVE_2020_12100 dovecot-2.3.8/src/plugins/fts/fts-build-mail.c
|
|
|
b62b43 |
--- dovecot-2.3.8/src/plugins/fts/fts-build-mail.c.CVE_2020_12100 2019-10-08 10:46:18.000000000 +0200
|
|
|
b62b43 |
+++ dovecot-2.3.8/src/plugins/fts/fts-build-mail.c 2020-08-07 12:29:39.977827458 +0200
|
|
|
b62b43 |
@@ -475,6 +475,9 @@ fts_build_mail_real(struct fts_backend_u
|
|
|
b62b43 |
const char **retriable_err_msg_r,
|
|
|
b62b43 |
bool *may_need_retry_r)
|
|
|
b62b43 |
{
|
|
|
b62b43 |
+ const struct message_parser_settings parser_set = {
|
|
|
b62b43 |
+ .hdr_flags = MESSAGE_HEADER_PARSER_FLAG_CLEAN_ONELINE,
|
|
|
b62b43 |
+ };
|
|
|
b62b43 |
struct fts_mail_build_context ctx;
|
|
|
b62b43 |
struct istream *input;
|
|
|
b62b43 |
struct message_parser_ctx *parser;
|
|
|
b62b43 |
@@ -503,9 +506,7 @@ fts_build_mail_real(struct fts_backend_u
|
|
|
b62b43 |
ctx.pending_input = buffer_create_dynamic(default_pool, 128);
|
|
|
b62b43 |
|
|
|
b62b43 |
prev_part = NULL;
|
|
|
b62b43 |
- parser = message_parser_init(pool_datastack_create(), input,
|
|
|
b62b43 |
- MESSAGE_HEADER_PARSER_FLAG_CLEAN_ONELINE,
|
|
|
b62b43 |
- 0);
|
|
|
b62b43 |
+ parser = message_parser_init(pool_datastack_create(), input, &parser_set);
|
|
|
b62b43 |
|
|
|
b62b43 |
decoder = message_decoder_init(update_ctx->normalizer, 0);
|
|
|
b62b43 |
for (;;) {
|