changeset 24:e8de6f485c65 HEAD

Don't allow using "../" anywhere in mailbox names.
author Timo Sirainen <tss@iki.fi>
date Sun, 25 Aug 2002 20:51:10 +0300
parents 6cefb1763f3e
children 55e09f36d23d
files src/lib-storage/index/maildir/maildir-storage.c src/lib-storage/index/mbox/mbox-storage.c
diffstat 2 files changed, 48 insertions(+), 1 deletions(-) [+]
--- a/src/lib-storage/index/maildir/maildir-storage.c	Sat Aug 24 15:03:29 2002 +0300
+++ b/src/lib-storage/index/maildir/maildir-storage.c	Sun Aug 25 20:51:10 2002 +0300
@@ -152,6 +152,11 @@
 		return maildir_open(storage, "INBOX", readonly);
 	}
 
+	if (!maildir_is_valid_name(storage, name)) {
+		mail_storage_set_error(storage, "Invalid mailbox name");
+		return FALSE;
+	}
+
 	i_snprintf(path, sizeof(path), "%s/.%s", storage->dir, name);
 	if (stat(path, &st) == 0) {
 		/* exists - make sure the required directories are also there */
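Review bot: The `maildir_is_valid_name()` call added ahead of `i_snprintf(path, sizeof(path), "%s/.%s", storage->dir, name)` relies on a validator whose body this changeset does not touch, so the "../" scan added to `mbox_is_valid_name()` is not visibly mirrored for maildir. If the existing maildir validator does not already reject `/` and `\` inside names, a name with an embedded `../` component would still pass here and in the delete and rename hunks of this file. It is worth confirming that, then either sharing one traversal check between the two backends or documenting the guarantee at the validator, e.g. `/* names may not contain '/' or '\\', so no "../" component can reach the path */`. The enclosing function starts and ends outside the hunk.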
@@ -208,6 +213,11 @@
 		return FALSE;
 	}
 
+	if (!maildir_is_valid_name(storage, name)) {
+		mail_storage_set_error(storage, "Invalid mailbox name");
+		return FALSE;
+	}
+
 	/* rename the .maildir into ..maildir which marks it as being
 	   deleted. this way we never see partially deleted maildirs. */
 	i_snprintf(src, sizeof(src), "%s/.%s", storage->dir, name);
@@ -287,6 +297,12 @@
 	if (strcasecmp(oldname, "INBOX") == 0)
 		oldname = "INBOX";
 
+	if (!maildir_is_valid_name(storage, oldname) ||
+	    !maildir_is_valid_name(storage, newname)) {
+		mail_storage_set_error(storage, "Invalid mailbox name");
+		return FALSE;
+	}
+
 	/* NOTE: renaming INBOX works just fine with us, it's simply created
 	   the next time it's needed. Only problem with it is that it's not
 	   atomic operation but that can't be really helped. */
--- a/src/lib-storage/index/mbox/mbox-storage.c	Sat Aug 24 15:03:29 2002 +0300
+++ b/src/lib-storage/index/mbox/mbox-storage.c	Sun Aug 25 20:51:10 2002 +0300
@@ -86,7 +86,22 @@
 
 static int mbox_is_valid_name(MailStorage *storage, const char *name)
 {
-	return name[0] != '\0' && name[0] != storage->hierarchy_sep;
+	const char *p;
+	int newdir;
+
+	if (name[0] == '\0' || name[0] == storage->hierarchy_sep)
+		return FALSE;
+
+	/* make sure there's no "../" or "..\" stuff */
+	newdir = TRUE;
+	for (p = name; *p != '\0'; p++) {
+		if (newdir && p[0] == '.' && p[1] == '.' &&
+		    (p[2] == '/' || p[2] == '\\'))
+			return FALSE;
+		newdir = p[0] == '/' || p[0] == '\\';
+	}
+
+	return TRUE;
 }
 
 static const char *mbox_get_index_dir(const char *mbox_path)
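Review bot: The new loop in `mbox_is_valid_name()` rejects `..` only when it is followed by `/` or `\`, so a name that is exactly `..` or that ends in a `..` component is accepted, because `p[2]` is then `'\0'`. The callers in this file format the accepted name into `"%s/%s"` under `storage->dir`, which for such a name resolves to a directory at or above the mail root. Treat end-of-string as the end of a component too: `(p[2] == '/' || p[2] == '\\' || p[2] == '\0'))`. The comment above the loop could then read `/* reject any ".." path component, including a trailing one */`.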
@@ -167,6 +182,11 @@
 		return mbox_open(storage, "inbox", readonly);
 	}
 
+	if (!mbox_is_valid_name(storage, name)) {
+		mail_storage_set_error(storage, "Invalid mailbox name");
+		return FALSE;
+	}
+
 	i_snprintf(path, sizeof(path), "%s/%s", storage->dir, name);
 	if (stat(path, &st) == 0) {
 		/* exists - make sure the required directories are also there */
@@ -240,6 +260,11 @@
 		return FALSE;
 	}
 
+	if (!mbox_is_valid_name(storage, name)) {
+		mail_storage_set_error(storage, "Invalid mailbox name");
+		return FALSE;
+	}
+
 	/* first unlink the mbox file */
 	i_snprintf(path, sizeof(path), "%s/%s", storage->dir, name);
 	if (unlink(path) == -1) {
@@ -271,6 +296,12 @@
 
 	mail_storage_clear_error(storage);
 
+	if (!mbox_is_valid_name(storage, oldname) ||
+	    !mbox_is_valid_name(storage, newname)) {
+		mail_storage_set_error(storage, "Invalid mailbox name");
+		return FALSE;
+	}
+
 	if (strcasecmp(oldname, "INBOX") == 0)
 		oldname = "inbox";