Mercurial > dovecot > core-2.2

changeset 20960:5ecd72688313

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
imap-login: Skip NIL value in ID handler NIL value can cause hard crash, depending what the key is. For x-proxy-ttl, NIL will crash on any system, x-originating-ip will crash on some nss versions (e.g. centos 6.7). Migitating factor here is that the NIL value is only accepted from trusted network.
author Aki Tuomi <aki.tuomi@dovecot.fi>
date Tue, 25 Oct 2016 10:29:50 +0300
parents 7aca58261697
children d2e877350c52
files src/imap-login/imap-login-client.c
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/imap-login/imap-login-client.c	Mon Oct 24 18:52:24 2016 +0300
+++ b/src/imap-login/imap-login-client.c	Tue Oct 25 10:29:50 2016 +0300
@@ -150,6 +150,9 @@
 client_update_info(struct imap_client *client,
 		   const char *key, const char *value)
 {
+	/* do not try to process NIL value */
+	if (value == NULL)
+		return;
 	if (strcasecmp(key, "x-originating-ip") == 0) {
 		(void)net_addr2ip(value, &client->common.ip);
 	} else if (strcasecmp(key, "x-originating-port") == 0) {