Mercurial > dovecot > core-2.2
comparison src/doveadm/dsync/dsync-ibc-stream.c @ 22311:25af9d4dad59
global: Replaced t_strsplit_tab() calls with t_strsplit_tabescaped()
This is useful especially in auth code to support LFs in extra fields.
Other pieces of code were also tab-escaping strings, but never unescaping
them. Usually it didn't matter, because nobody would use the escaped
characters. Still, the code wasn't exactly behaving correctly.
One downside to this change is that it's now possible to pass through TABs,
CRs and LFs through the various protocols. In theory this shouldn't cause
any problems, but combined with other bugs this could trigger some security
problems.
author | Timo Sirainen <timo.sirainen@dovecot.fi> |
---|---|
date | Thu, 20 Oct 2016 17:45:44 +0300 |
parents | e95435889161 |
children | 1f8b784712e1 |
comparison
equal
deleted
inserted
replaced
22310:a28f5bfb15fc | 22311:25af9d4dad59 |
---|---|
1773 if (dsync_deserializer_decode_try(decoder, "keywords_reset", &value)) | 1773 if (dsync_deserializer_decode_try(decoder, "keywords_reset", &value)) |
1774 change->keywords_reset = TRUE; | 1774 change->keywords_reset = TRUE; |
1775 | 1775 |
1776 if (dsync_deserializer_decode_try(decoder, "keyword_changes", &value) && | 1776 if (dsync_deserializer_decode_try(decoder, "keyword_changes", &value) && |
1777 *value != '\0') { | 1777 *value != '\0') { |
1778 const char *const *changes = t_strsplit_tab(value); | 1778 const char *const *changes = t_strsplit_tabescaped(value); |
1779 unsigned int i, count = str_array_length(changes); | 1779 unsigned int i, count = str_array_length(changes); |
1780 | 1780 |
1781 p_array_init(&change->keyword_changes, pool, count); | 1781 p_array_init(&change->keyword_changes, pool, count); |
1782 for (i = 0; i < count; i++) { | 1782 for (i = 0; i < count; i++) { |
1783 value = p_strdup(pool, changes[i]); | 1783 value = p_strdup(pool, changes[i]); |