changeset 4395:3f9b7d2a7c60 HEAD
When creating a mailbox, limit the number of hierarchies (to 20) and the
length of the mailbox name within a hierarchy (to 200).
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 17 Jun 2006 16:03:27 +0300 |
parents | 0462137fa4ce |
children | 208194b3742a |
files | src/lib-storage/index/dbox/dbox-storage.c src/lib-storage/index/maildir/maildir-storage.c src/lib-storage/index/mbox/mbox-storage.c src/lib-storage/mail-storage-private.h src/lib-storage/mail-storage.c |
diffstat | 5 files changed, 44 insertions(+), 0 deletions(-) [+] |
--- a/src/lib-storage/index/dbox/dbox-storage.c Sat Jun 17 15:40:29 2006 +0300
+++ b/src/lib-storage/index/dbox/dbox-storage.c Sat Jun 17 16:03:27 2006 +0300
@@ -204,6 +204,11 @@
 len > DBOX_MAX_MAILBOX_NAME_LENGTH)
 return FALSE;
+ if ((storage->flags & MAIL_STORAGE_FLAG_FULL_FS_ACCESS) == 0) {
+ if (mailbox_name_is_too_large(name, '/'))
+ return FALSE;
+ }
+
 return dbox_is_valid_mask(storage, name);
 }
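Review bot: The new depth and length limits are skipped whenever MAIL_STORAGE_FLAG_FULL_FS_ACCESS is set, and nothing at the added lines says that this is deliberate; the mbox-storage.c hunk repeats the same pattern. A one-line comment above the check, for example `/* with full filesystem access the name is an arbitrary path; only OS limits apply */`, would record the intent (presumably that is the reason; confirm). The two nested ifs can also be a single condition, `if ((storage->flags & MAIL_STORAGE_FLAG_FULL_FS_ACCESS) == 0 && mailbox_name_is_too_large(name, '/'))`. The enclosing function starts above the hunk, so whether this validator is also reached when a mailbox is renamed cannot be seen from here.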
--- a/src/lib-storage/index/maildir/maildir-storage.c Sat Jun 17 15:40:29 2006 +0300
+++ b/src/lib-storage/index/maildir/maildir-storage.c Sat Jun 17 16:03:27 2006 +0300
@@ -207,6 +207,9 @@
 return FALSE;
 }
+ if (mailbox_name_is_too_large(name, '.'))
+ return FALSE;
+
 return TRUE;
 }
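Review bot: This call is unconditional, while the dbox and mbox hunks skip the same check under MAIL_STORAGE_FLAG_FULL_FS_ACCESS, and the difference is not explained at the call site. A short comment such as `/* applies regardless of FULL_FS_ACCESS: '.' is the hierarchy separator, not a path separator */` would make it clear (assuming that is the reason). If the '.'-separated name ends up as one directory-name component, the 20 x 200 byte budget derived from PATH_MAX is far looser than a per-component limit. An overall length check may already sit above the hunk, since the function body starts outside it.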
--- a/src/lib-storage/index/mbox/mbox-storage.c Sat Jun 17 15:40:29 2006 +0300
+++ b/src/lib-storage/index/mbox/mbox-storage.c Sat Jun 17 16:03:27 2006 +0300
@@ -407,6 +407,11 @@
 len > MBOX_MAX_MAILBOX_NAME_LENGTH)
 return FALSE;
+ if ((storage->flags & MAIL_STORAGE_FLAG_FULL_FS_ACCESS) == 0) {
+ if (mailbox_name_is_too_large(name, '/'))
+ return FALSE;
+ }
+
 return mbox_is_valid_mask(storage, name);
 }
--- a/src/lib-storage/mail-storage-private.h Sat Jun 17 15:40:29 2006 +0300
+++ b/src/lib-storage/mail-storage-private.h Sat Jun 17 16:03:27 2006 +0300
@@ -254,5 +254,6 @@
 const char *mail_storage_class_get_last_error(struct mail_storage *storage,
 bool *syntax_error_r);
+bool mailbox_name_is_too_large(const char *name, char sep);
 #endif
--- a/src/lib-storage/mail-storage.c Sat Jun 17 15:40:29 2006 +0300
+++ b/src/lib-storage/mail-storage.c Sat Jun 17 16:03:27 2006 +0300
@@ -14,6 +14,14 @@
 "Internal error occurred. Refer to server log for more information."
 #define CRITICAL_MSG_STAMP CRITICAL_MSG " [%Y-%m-%d %H:%M:%S]"
+/* 20 * (200+1) < 4096 which is the standard PATH_MAX. Having these settings
+ prevents malicious user from creating eg. "a/a/a/.../a" mailbox name and
+ then start renaming them to larger names from end to beginning, which
+ eventually would start causing the failures when trying to use too
+ long mailbox names. */
+#define MAILBOX_MAX_HIERARCHY_LEVELS 20
+#define MAILBOX_MAX_HIERARCHY_NAME_LENGTH 200
+
 unsigned int mail_storage_module_id = 0;
 static array_t ARRAY_DEFINE(storages, struct mail_storage *);
@@ -536,3 +544,25 @@
 {
 return box->v.is_inconsistent(box);
 }
+
+bool mailbox_name_is_too_large(const char *name, char sep)
+{
+ unsigned int levels = 1, level_len = 0;
+
+ for (; *name != '\0'; name++) {
+ if (*name == sep) {
+ if (level_len > MAILBOX_MAX_HIERARCHY_NAME_LENGTH)
+ return TRUE;
+ levels++;
+ level_len = 0;
+ } else {
+ level_len++;
+ }
+ }
+
+ if (level_len > MAILBOX_MAX_HIERARCHY_NAME_LENGTH)
+ return TRUE;
+ if (levels > MAILBOX_MAX_HIERARCHY_LEVELS)
+ return TRUE;
+ return FALSE;
+}
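Review bot: The arithmetic in the new comment bounds only the mailbox name, not the path that is finally opened. 20 * (200+1) is 4020, which leaves 76 bytes below 4096 for the storage root directory and any file names a backend appends, so a full path can still exceed PATH_MAX. The comment should say that, for example `/* Bounds the mailbox name itself to 4020 bytes; the storage root and per-mailbox file names still add to the final path. */`. If the goal is that the full path always fits, the limits need to be lower or checked against the root length.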
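Review bot: mailbox_name_is_too_large() has no comment stating its contract, and the level count is tested only after the whole string has been scanned. A header comment such as `/* Returns TRUE if name has more than MAILBOX_MAX_HIERARCHY_LEVELS sep-separated levels, or any level longer than MAILBOX_MAX_HIERARCHY_NAME_LENGTH bytes. */` would help here and on the prototype in mail-storage-private.h. Replacing `levels++;` in the separator branch with `if (++levels > MAILBOX_MAX_HIERARCHY_LEVELS) return TRUE;` rejects over-deep names as soon as the limit is crossed and makes the final levels check unnecessary. Empty levels produced by consecutive separators count towards the depth but are otherwise accepted by this function; presumably they are rejected elsewhere, which is worth confirming.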