Mercurial > dovecot > core-2.2

changeset 20844:90fad61ff8ae

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
director: Escape username when handling USER-KICK. This could have caused problems if username parameter contained TABs or LFs, which of course shouldn't normally happen.
author Timo Sirainen <timo.sirainen@dovecot.fi>
date Thu, 06 Oct 2016 15:13:30 +0300
parents 99c3726c1551
children 11f6f45baf3e
files src/director/director.c
diffstat 1 files changed, 9 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/src/director/director.c	Thu Oct 06 14:54:51 2016 +0300
+++ b/src/director/director.c	Thu Oct 06 15:13:30 2016 +0300
@@ -889,20 +889,22 @@
 void director_kick_user(struct director *dir, struct director_host *src,
 			struct director_host *orig_src, const char *username)
 {
-	const char *cmd;
+	string_t *cmd = t_str_new(64);
 
-	cmd = t_strdup_printf("proxy\t*\tKICK\t%s", username);
-	ipc_client_cmd(dir->ipc_proxy, cmd,
+	str_append(cmd, "proxy\t*\tKICK\t");
+	str_append_tabescaped(cmd, username);
+	ipc_client_cmd(dir->ipc_proxy, str_c(cmd),
 		       director_kick_user_callback, (void *)NULL);
 
 	if (orig_src == NULL) {
 		orig_src = dir->self_host;
 		orig_src->last_seq++;
 	}
-	cmd = t_strdup_printf("USER-KICK\t%s\t%u\t%u\t%s\n",
-		net_ip2addr(&orig_src->ip), orig_src->port, orig_src->last_seq,
-		username);
-	director_update_send_version(dir, src, DIRECTOR_VERSION_USER_KICK, cmd);
+	str_printfa(cmd, "USER-KICK\t%s\t%u\t%u\t",
+		net_ip2addr(&orig_src->ip), orig_src->port, orig_src->last_seq);
+	str_append_tabescaped(cmd, username);
+	str_append_c(cmd, '\n');
+	director_update_send_version(dir, src, DIRECTOR_VERSION_USER_KICK, str_c(cmd));
 }
 
 void director_kick_user_hash(struct director *dir, struct director_host *src,