Skip to content

Commit

Permalink
imapd.c, imapparse.c: call fatal(EX_PROTOCOL) when client exceeds a l…
Browse files Browse the repository at this point in the history 
…imit
  • Loading branch information
@ksmurchison @elliefm
ksmurchison authored and elliefm committed May 1, 2024
1 parent 280151c commit b21941f
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 41 deletions.
12 changes: 6 additions & 6 deletions cunit/parse.testc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ static void test_getint32(void)
/* test a string with too many digits */
CU_EXPECT_CYRFATAL_BEGIN;
wrap_int_parser(getint32, int32_t, STR3, &c, &val, NULL);
CU_EXPECT_CYRFATAL_END(EX_IOERR, "num too big");
CU_EXPECT_CYRFATAL_END(EX_PROTOCOL, "num too big");

/* test a valid value with a different terminator */
wrap_int_parser(getint32, int32_t, STR4, &c, &val, &bytes_in);
Expand Down Expand Up @@ -188,7 +188,7 @@ static void test_getsint32(void)
/* test a string with too many digits */
CU_EXPECT_CYRFATAL_BEGIN;
wrap_int_parser(getsint32, int32_t, STR3, &c, &val, NULL);
CU_EXPECT_CYRFATAL_END(EX_IOERR, "num too big");
CU_EXPECT_CYRFATAL_END(EX_PROTOCOL, "num too big");

/* test a valid value with a different terminator */
wrap_int_parser(getsint32, int32_t, STR4, &c, &val, &bytes_in);
Expand Down Expand Up @@ -255,7 +255,7 @@ static void test_getuint32(void)
/* test a string with too many digits */
CU_EXPECT_CYRFATAL_BEGIN;
wrap_int_parser(getuint32, uint32_t, STR3, &c, &val, NULL);
CU_EXPECT_CYRFATAL_END(EX_IOERR, "num too big");
CU_EXPECT_CYRFATAL_END(EX_PROTOCOL, "num too big");

/* test a valid value with a different terminator */
wrap_int_parser(getuint32, uint32_t, STR4, &c, &val, &bytes_in);
Expand Down Expand Up @@ -322,7 +322,7 @@ static void test_getint64(void)
/* test a string with too many digits */
CU_EXPECT_CYRFATAL_BEGIN;
wrap_int_parser(getint64, int64_t, STR3, &c, &val, NULL);
CU_EXPECT_CYRFATAL_END(EX_IOERR, "num too big");
CU_EXPECT_CYRFATAL_END(EX_PROTOCOL, "num too big");

/* test a valid value with a different terminator */
wrap_int_parser(getint64, int64_t, STR4, &c, &val, &bytes_in);
Expand Down Expand Up @@ -391,7 +391,7 @@ static void test_getsint64(void)
/* test a string with too many digits */
CU_EXPECT_CYRFATAL_BEGIN;
wrap_int_parser(getsint64, int64_t, STR3, &c, &val, NULL);
CU_EXPECT_CYRFATAL_END(EX_IOERR, "num too big");
CU_EXPECT_CYRFATAL_END(EX_PROTOCOL, "num too big");

/* test a valid value with a different terminator */
wrap_int_parser(getsint64, int64_t, STR4, &c, &val, &bytes_in);
Expand Down Expand Up @@ -458,7 +458,7 @@ static void test_getuint64(void)
/* test a string with too many digits */
CU_EXPECT_CYRFATAL_BEGIN;
wrap_int_parser(getuint64, uint64_t, STR3, &c, &val, NULL);
CU_EXPECT_CYRFATAL_END(EX_IOERR, "num too big");
CU_EXPECT_CYRFATAL_END(EX_PROTOCOL, "num too big");

/* test a valid value with a different terminator */
wrap_int_parser(getuint64, uint64_t, STR4, &c, &val, &bytes_in);
Expand Down
48 changes: 24 additions & 24 deletions imap/imapd.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3551,13 +3551,13 @@ static int getliteralsize(const char *tag, const char *p, int c, size_t maxsize,
/* Fail per RFC 7888, Section 4, choice 2 */
prot_printf(imapd_out, "%s NO %s\r\n", tag,
error_message(IMAP_LITERAL_MINUS_TOO_LARGE));
fatal(error_message(IMAP_LITERAL_MINUS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_LITERAL_MINUS_TOO_LARGE), EX_PROTOCOL);
}
if (num > maxsize) {
/* Fail per RFC 7888, Section 4, choice 2 */
prot_printf(imapd_out, "%s NO %s\r\n", tag,
error_message(IMAP_MESSAGE_TOOBIG));
fatal(error_message(IMAP_MESSAGE_TOOBIG), EX_IOERR);
fatal(error_message(IMAP_MESSAGE_TOOBIG), EX_PROTOCOL);
}
isnowait++;
p++;
Expand Down Expand Up @@ -3928,7 +3928,7 @@ static void cmd_append(char *tag, char *name, const char *cur_name)
do {
c = getword(imapd_in, &arg);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (!curstage->flags.count && !arg.s[0] && c == ')') break; /* empty list */
if (!isokflag(arg.s, &sync_seen)) {
parseerr = "Invalid flag in Append command";
Expand Down Expand Up @@ -4264,7 +4264,7 @@ static void cmd_select(char *tag, char *cmd, char *name)
if (arg.s[0] == '\0') goto badlist;
for (;;) {
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

ucase(arg.s);
if (!strcmp(arg.s, "CONDSTORE")) {
Expand Down Expand Up @@ -4641,7 +4641,7 @@ static int parse_fetch_args(const char *tag, const char *cmd,
}
for (;;) {
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

ucase(fetchatt.s);
switch (fetchatt.s[0]) {
Expand Down Expand Up @@ -4774,7 +4774,7 @@ static int parse_fetch_args(const char *tag, const char *cmd,
do {
c = getastring(imapd_in, imapd_out, &fieldname);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) {
prot_printf(imapd_out, "%s NO %s in %s %s\r\n",
tag, error_message(c), cmd, fetchatt.s);
Expand Down Expand Up @@ -5110,7 +5110,7 @@ static int parse_fetch_args(const char *tag, const char *cmd,
do {
c = getword(imapd_in, &fetchatt);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

ucase(fetchatt.s);
if (!strcmp(fetchatt.s, "CHANGEDSINCE")) {
Expand Down Expand Up @@ -5459,7 +5459,7 @@ static void cmd_store(char *tag, char *sequence, int usinguid)
do {
c = getword(imapd_in, &storemod);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

ucase(storemod.s);
if (!strcmp(storemod.s, "UNCHANGEDSINCE")) {
Expand Down Expand Up @@ -5554,7 +5554,7 @@ static void cmd_store(char *tag, char *sequence, int usinguid)
for (;;) {
c = getword(imapd_in, &flagname);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == '(' && !flagname.s[0] && !flagsparsed && !inlist) {
inlist = 1;
continue;
Expand Down Expand Up @@ -7462,7 +7462,7 @@ static void getlistargs(char *tag, struct listargs *listargs)
for (;;) {
c = getastring(imapd_in, imapd_out, &buf);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (*buf.s)
strarray_append(&listargs->pat, buf.s);
Expand Down Expand Up @@ -8308,7 +8308,7 @@ void cmd_setquota(const char *tag, const char *quotaroot)
else if (c != ' ') goto badlist;

if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
}
c = prot_getc(imapd_in);
if (!IS_EOL(c, imapd_in)) {
Expand Down Expand Up @@ -8462,7 +8462,7 @@ static int parse_statusitems(unsigned *statusitemsp, const char **errstr)
if (arg.s[0] == '\0') goto bad;
for (;;) {
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

lcase(arg.s);
if (!strcmp(arg.s, "messages")) {
Expand Down Expand Up @@ -8847,7 +8847,7 @@ static int parsecreateargs(struct dlist **extargs)
do {
c = getword(imapd_in, &arg);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

name = ucase(arg.s);
if (c != ' ') goto fail;
Expand All @@ -8858,7 +8858,7 @@ static int parsecreateargs(struct dlist **extargs)
do {
c = getword(imapd_in, &val);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

dlist_setatom(sub, name, val.s);
} while (c == ' ');
Expand Down Expand Up @@ -8929,7 +8929,7 @@ static int parse_annotate_fetch_data(const char *tag,
else
c = getqstring(imapd_in, imapd_out, &arg);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (c == EOF) {
prot_printf(imapd_out,
Expand Down Expand Up @@ -8982,7 +8982,7 @@ static int parse_annotate_fetch_data(const char *tag,
else
c = getqstring(imapd_in, imapd_out, &arg);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (c == EOF) {
prot_printf(imapd_out,
Expand Down Expand Up @@ -9062,7 +9062,7 @@ static int parse_metadata_string_or_list(const char *tag,
do {
c = getastring(imapd_in, imapd_out, &arg);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (c == EOF) {
prot_printf(imapd_out,
Expand Down Expand Up @@ -9168,7 +9168,7 @@ static int parse_annotate_store_data(const char *tag,
else
c = getqstring(imapd_in, imapd_out, &entry);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (c == EOF) {
prot_printf(imapd_out,
Expand Down Expand Up @@ -9212,7 +9212,7 @@ static int parse_annotate_store_data(const char *tag,
}

if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

/* add the attrib-value pair to the list */
appendattvalue(&attvalues, attrib.s, &value);
Expand Down Expand Up @@ -9290,7 +9290,7 @@ static int parse_metadata_store_data(const char *tag,
/* get entry */
c = getastring(imapd_in, imapd_out, &entry);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (c != ' ') {
prot_printf(imapd_out,
Expand All @@ -9305,7 +9305,7 @@ static int parse_metadata_store_data(const char *tag,
/* get value */
c = getbnstring(imapd_in, imapd_out, &value);
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (c == IMAP_LITERAL_TOO_LARGE) goto maxliteral;
if (c == EOF) {
prot_printf(imapd_out,
Expand Down Expand Up @@ -11548,7 +11548,7 @@ static int getsortcriteria(char *tag, struct sortcrit **sortcrit)
n = 0;
for (;;) {
if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);

if (n >= nsort - 1) { /* leave room for implicit criterion */
/* (Re)allocate an array for sort criteria */
Expand Down Expand Up @@ -11700,7 +11700,7 @@ static int getlistselopts(char *tag, struct listargs *args)
c = getword(imapd_in, &buf);

if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (!*buf.s) {
prot_printf(imapd_out,
"%s BAD Invalid syntax in List command\r\n",
Expand Down Expand Up @@ -11806,7 +11806,7 @@ static int getlistretopts(char *tag, struct listargs *args)
c = getword(imapd_in, &buf);

if (prot_bytes_in(imapd_in) > maxargssize_mark)
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
if (!*buf.s) {
prot_printf(imapd_out,
"%s BAD Invalid syntax in List command\r\n", tag);
Expand Down
22 changes: 11 additions & 11 deletions imap/imapparse.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ EXPORTED int getword(struct protstream *in, struct buf *buf)
}
buf_putc(buf, c);
if (config_maxword && buf_len(buf) > config_maxword) {
fatal("[TOOBIG] Word too long", EX_IOERR);
fatal("[TOOBIG] Word too long", EX_PROTOCOL);
}
}
}
Expand Down Expand Up @@ -138,7 +138,7 @@ EXPORTED int getxstring(struct protstream *pin, struct protstream *pout,
}
buf_putc(buf, c);
if (config_maxquoted && buf_len(buf) > config_maxquoted) {
fatal("[TOOBIG] Quoted value too long", EX_IOERR);
fatal("[TOOBIG] Quoted value too long", EX_PROTOCOL);
}
}

Expand All @@ -157,11 +157,11 @@ EXPORTED int getxstring(struct protstream *pin, struct protstream *pout,
/* LITERAL- says maximum size is 4096! */
if (lminus && len > 4096) {
/* Fail per RFC 7888, Section 4, choice 2 */
fatal(error_message(IMAP_LITERAL_MINUS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_LITERAL_MINUS_TOO_LARGE), EX_PROTOCOL);
}
if (config_maxliteral && len >= 0 && (unsigned) len > config_maxliteral) {
/* Fail per RFC 7888, Section 4, choice 2 */
fatal(error_message(IMAP_LITERAL_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_LITERAL_TOO_LARGE), EX_PROTOCOL);
}
isnowait++;
c = prot_getc(pin);
Expand Down Expand Up @@ -225,7 +225,7 @@ EXPORTED int getxstring(struct protstream *pin, struct protstream *pout,
}
buf_putc(buf, c);
if (config_maxword && buf_len(buf) > config_maxword) {
fatal("[TOOBIG] Word too long", EX_IOERR);
fatal("[TOOBIG] Word too long", EX_PROTOCOL);
}
c = prot_getc(pin);
}
Expand Down Expand Up @@ -284,7 +284,7 @@ EXPORTED int getint32(struct protstream *pin, int32_t *num)
/* INT_MAX == 2147483647 */
while ((c = prot_getc(pin)) != EOF && cyrus_isdigit(c)) {
if (result > 214748364 || (result == 214748364 && (c > '7')))
fatal("num too big", EX_IOERR);
fatal("num too big", EX_PROTOCOL);
result = result * 10 + c - '0';
gotchar = 1;
}
Expand Down Expand Up @@ -337,7 +337,7 @@ EXPORTED int getuint32(struct protstream *pin, uint32_t *num)
/* UINT_MAX == 4294967295U */
while ((c = prot_getc(pin)) != EOF && cyrus_isdigit(c)) {
if (result > 429496729 || (result == 429496729 && (c > '5')))
fatal("num too big", EX_IOERR);
fatal("num too big", EX_PROTOCOL);
result = result * 10 + c - '0';
gotchar = 1;
}
Expand All @@ -361,7 +361,7 @@ EXPORTED int getint64(struct protstream *pin, int64_t *num)
/* LLONG_MAX == 9223372036854775807LL */
while ((c = prot_getc(pin)) != EOF && cyrus_isdigit(c)) {
if (result > 922337203685477580LL || (result == 922337203685477580LL && (c > '7')))
fatal("num too big", EX_IOERR);
fatal("num too big", EX_PROTOCOL);
result = result * 10 + c - '0';
gotchar = 1;
}
Expand Down Expand Up @@ -414,7 +414,7 @@ EXPORTED int getuint64(struct protstream *pin, uint64_t *num)
/* ULLONG_MAX == 18446744073709551615ULL */
while ((c = prot_getc(pin)) != EOF && cyrus_isdigit(c)) {
if (result > 1844674407370955161ULL || (result == 1844674407370955161ULL && (c > '5')))
fatal("num too big", EX_IOERR);
fatal("num too big", EX_PROTOCOL);
result = result * 10 + c - '0';
gotchar = 1;
}
Expand Down Expand Up @@ -636,7 +636,7 @@ EXPORTED int get_search_return_opts(struct protstream *pin,

if (searchargs->maxargssize_mark &&
prot_bytes_in(pin) > searchargs->maxargssize_mark) {
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
}

} while (c == ' ');
Expand Down Expand Up @@ -1389,7 +1389,7 @@ static int get_search_criterion(struct protstream *pin,

if (base->maxargssize_mark &&
prot_bytes_in(pin) > base->maxargssize_mark) {
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_IOERR);
fatal(error_message(IMAP_ARGS_TOO_LARGE), EX_PROTOCOL);
}

if (!keep_charset)
Expand Down

0 comments on commit b21941f

Please sign in to comment.