From 9d3ecff3de5553159334cf644e996a616dc52670 Mon Sep 17 00:00:00 2001
From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Mon, 17 Aug 2020 18:22:42 +0300
Subject: [PATCH] imap-login: Use imap_parser_read_tag() and
 _read_command_name()

---
 src/imap-login/imap-login-client.c | 58 ++++++++++++------------------
 1 file changed, 23 insertions(+), 35 deletions(-)

diff --git a/src/imap-login/imap-login-client.c b/src/imap-login/imap-login-client.c
index ce5049d567..b2c8af9cbf 100644
--- a/src/imap-login/imap-login-client.c
+++ b/src/imap-login/imap-login-client.c
@@ -196,7 +196,7 @@ static int client_command_execute(struct imap_client *client, const char *cmd,
 
 static bool client_invalid_command(struct imap_client *client)
 {
-	if (*client->cmd_tag == '\0')
+	if (client->cmd_tag == NULL || *client->cmd_tag == '\0')
 		client->cmd_tag = "*";
 	if (++client->common.bad_counter >= CLIENT_MAX_BAD_COMMANDS) {
 		client_send_reply(&client->common, IMAP_CMD_REPLY_BYE,
@@ -210,33 +210,6 @@ static bool client_invalid_command(struct imap_client *client)
 	return TRUE;
 }
 
-static bool imap_is_valid_tag(const char *tag)
-{
-	for (; *tag != '\0'; tag++) {
-		switch (*tag) {
-		case '+':
-		/* atom-specials: */
-		case '(':
-		case ')':
-		case '{':
-		case '/':
-		case ' ':
-		/* list-wildcards: */
-		case '%':
-		case '*':
-		/* quoted-specials: */
-		case '"':
-		case '\\':
-			return FALSE;
-		default:
-			if (*tag < ' ') /* CTL */
-				return FALSE;
-			break;
-		}
-	}
-	return TRUE;
-}
-
 static int client_parse_command(struct imap_client *client,
 				const struct imap_arg **args_r)
 {
@@ -261,6 +234,9 @@ static int client_parse_command(struct imap_client *client,
 
 static bool client_handle_input(struct imap_client *client)
 {
+	const char *tag, *name;
+	int ret;
+
 	i_assert(!client->common.authenticating);
 
 	if (client->cmd_finished) {
@@ -282,23 +258,35 @@ static bool client_handle_input(struct imap_client *client)
 	}
 
 	if (client->cmd_tag == NULL) {
-                client->cmd_tag = imap_parser_read_word(client->parser);
-		if (client->cmd_tag == NULL)
+		ret = imap_parser_read_tag(client->parser, &tag);
+		if (ret == 0)
 			return FALSE; /* need more data */
-		if (!imap_is_valid_tag(client->cmd_tag) ||
-		    strlen(client->cmd_tag) > IMAP_TAG_MAX_LEN) {
+		if (ret < 0 || strlen(tag) > IMAP_TAG_MAX_LEN) {
 			/* the tag is invalid, don't allow it and don't
 			   send it back. this attempts to prevent any
 			   potentially dangerous replies in case someone tries
 			   to access us using HTTP protocol. */
-			client->cmd_tag = "";
+			client->skip_line = TRUE;
+			client->cmd_finished = TRUE;
+			if (!client_invalid_command(client))
+				return FALSE;
+			return client_handle_input(client);
 		}
+		client->cmd_tag = tag;
 	}
 
 	if (client->cmd_name == NULL) {
-                client->cmd_name = imap_parser_read_word(client->parser);
-		if (client->cmd_name == NULL)
+		ret = imap_parser_read_command_name(client->parser, &name);
+		if (ret == 0)
 			return FALSE; /* need more data */
+		if (ret < 0) {
+			client->skip_line = TRUE;
+			client->cmd_finished = TRUE;
+			if (!client_invalid_command(client))
+				return FALSE;
+			return client_handle_input(client);
+		}
+		client->cmd_name = name;
 	}
 	return client->common.v.input_next_cmd(&client->common);
 }