Mercurial > dovecot > original-hg > dovecot-1.2
changeset 3480:33ec07ee3bcd HEAD
Try to prevent some broken keyword names.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 12 Jul 2005 17:43:11 +0300 |
parents | 3ec1032a4b69 |
children | 2d631ab1d90e |
files | src/lib-storage/index/mbox/mbox-sync-parse.c |
diffstat | 1 files changed, 18 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-storage/index/mbox/mbox-sync-parse.c Tue Jul 12 16:40:29 2005 +0300 +++ b/src/lib-storage/index/mbox/mbox-sync-parse.c Tue Jul 12 17:43:11 2005 +0300 @@ -109,6 +109,19 @@ return TRUE; } +static int keyword_is_valid(const char *keyword) +{ + /* try to only prevent the most malicious looking keywords. */ + for (; *keyword != '\0'; keyword++) { + if (*keyword == '(' || *keyword == ')' || + *keyword == '{' || *keyword == '}' || + *keyword == '\\' || *keyword == '"' || + (unsigned char)*keyword <= 32) + return FALSE; + } + return TRUE; +} + static void parse_imap_keywords_list(struct mbox_sync_mail_context *ctx, struct message_header_line *hdr, size_t pos) @@ -135,8 +148,11 @@ t_push(); keyword = t_strndup(hdr->full_value + keyword_start, pos - keyword_start); - (void)mail_index_keyword_lookup(ctx->sync_ctx->mbox->ibox.index, - keyword, TRUE, &idx); + if (keyword_is_valid(keyword)) { + (void)mail_index_keyword_lookup( + ctx->sync_ctx->mbox->ibox.index, + keyword, TRUE, &idx); + } t_pop(); count++;