changeset 7367:8b0fe9c43c85 HEAD

Don't allow too large extension header sizes. They're probably caused by file corruption.
author Timo Sirainen <tss@iki.fi>
date Fri, 07 Mar 2008 03:52:52 +0200
parents f4990a37a8df
children 750ff2eb83a0
files src/lib-index/mail-index-map.c src/lib-index/mail-index-private.h
diffstat 2 files changed, 8 insertions(+), 0 deletions(-) [+]
--- a/src/lib-index/mail-index-map.c	Fri Mar 07 03:49:36 2008 +0200
+++ b/src/lib-index/mail-index-map.c	Fri Mar 07 03:52:52 2008 +0200
@@ -184,6 +184,11 @@
 					   "not used", ext_hdr->record_align);
 		return -1;
 	}
+	if (ext_hdr->hdr_size > MAIL_INDEX_EXT_HEADER_MAX_SIZE) {
+		*error_r = t_strdup_printf("Headersize too large (%u)",
+					   ext_hdr->hdr_size);
+		return -1;
+	}
 	return 0;
 }
 
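Review bot: The new `hdr_size` check at the end of this function only caps the value at a fixed constant, so a corrupted size just under 16 MB still passes. Nothing visible in this hunk compares `ext_hdr->hdr_size` with the bytes actually present in the mapped index header. If the caller does not already enforce that bound, it belongs here; otherwise a comment would make the division of work explicit, e.g. `/* hdr_size is read from disk; this only rejects absurd values, the caller must still bound it by the available header bytes */`. The message would also read better as `"Header size too large (%u)"`, ideally naming the extension so a corrupted index can be diagnosed from the log. The function starts outside the hunk, so earlier checks may already cover part of this.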
--- a/src/lib-index/mail-index-private.h	Fri Mar 07 03:49:36 2008 +0200
+++ b/src/lib-index/mail-index-private.h	Fri Mar 07 03:52:52 2008 +0200
@@ -18,6 +18,9 @@
    This happens with NFS when the file has been deleted (ie. index file was
    rewritten by another computer than us). */
 #define MAIL_INDEX_ESTALE_RETRY_COUNT NFS_ESTALE_RETRY_COUNT
+/* Large extension header sizes are probably caused by file corruption, so
+   try to catch them by limiting the header size. */
+#define MAIL_INDEX_EXT_HEADER_MAX_SIZE (1024*1024*16-1)
 
 #define MAIL_INDEX_IS_IN_MEMORY(index) \
 	((index)->dir == NULL)
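Review bot: `MAIL_INDEX_EXT_HEADER_MAX_SIZE` is written as a signed `int` expression, but in mail-index-map.c it is compared against a field that is printed with `%u`. Making the constant unsigned keeps the comparison free of implicit sign conversion: `#define MAIL_INDEX_EXT_HEADER_MAX_SIZE (16U*1024*1024 - 1)`. The comment should also state the unit and why this particular value was chosen, e.g. `/* Maximum extension header size in bytes (16 MB - 1). Larger values are treated as file corruption. */`.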