changeset 16760:6be5d8d8af2d
lib-imap: imap-url: Forgot to check for the presence of ':' in userinfo, which is not allowed.
author | Stephan Bosch <stephan@rename-it.nl> |
---|---|
date | Tue, 17 Sep 2013 21:57:14 +0300 |
parents | be26ae8a9fca |
children | ec9eab188dd8 |
files | src/lib-imap/imap-url.c src/lib-imap/test-imap-url.c |
diffstat | 2 files changed, 33 insertions(+), 13 deletions(-) [+] |
--- a/src/lib-imap/imap-url.c Mon Sep 16 10:05:24 2013 +0300
+++ b/src/lib-imap/imap-url.c Tue Sep 17 21:57:14 2013 +0300
@@ -226,34 +226,49 @@
 /* iuserinfo = enc-user [iauth] / [enc-user] iauth */
 if (auth.enc_userinfo != NULL) {
- const char *p;
+ const char *p, *uend;
 /* Scan for ";AUTH=" */
- p = strchr(auth.enc_userinfo, ';');
- if (p != NULL) {
- if (strncasecmp(p, ";AUTH=",6) != 0) {
+ for (p = auth.enc_userinfo; *p != '\0'; p++) {
+ if (*p == ';')
+ break;
+ /* check for unallowed userinfo characters */
+ if (*p == ':') {
+ parser->error = t_strdup_printf(
+ "Stray ':' in userinfo `%s'", auth.enc_userinfo);
+ return -1;
+ }
+ }
+
+ uend = p;
+
+ if (*p == ';') {
+ if (strncasecmp(p, ";AUTH=", 6) != 0) {
 parser->error = t_strdup_printf(
 "Stray ';' in userinfo `%s'", auth.enc_userinfo);
 return -1;
 }
- if (strchr(p+1, ';') != NULL) {
- parser->error = "Stray ';' after `;AUTH='";
- return -1;
+ for (p += 6; *p != '\0'; p++) {
+ if (*p == ';' || *p == ':') {
+ parser->error = t_strdup_printf(
+ "Stray '%c' in userinfo `%s'", *p, auth.enc_userinfo);
+ return -1;
+ }
 }
 }
 /* enc-user */
- if (url != NULL && p != auth.enc_userinfo) {
- if (!uri_data_decode(parser, auth.enc_userinfo, p, &data))
+ if (url != NULL && uend > auth.enc_userinfo) {
+ if (!uri_data_decode(parser, auth.enc_userinfo, uend, &data))
 return -1;
 url->userid = p_strdup(parser->pool, data);
 }
 /* ( "*" / enc-auth-type ) */
- if (p != NULL) {
- p += 6;
+ if (*uend == ';') {
+ p = uend + 6;
 if (*p == '\0') {
 parser->error = "Empty auth-type value after ';AUTH='";
 return -1;
@@ -989,10 +1004,10 @@
 /* user */
 if (url->userid != NULL || url->auth_type != NULL) {
 if (url->userid != NULL)
- uri_append_user_data(urlstr, ";", url->userid);
+ uri_append_user_data(urlstr, ";:", url->userid);
 if (url->auth_type != NULL) {
 str_append(urlstr, ";AUTH=");
- uri_append_user_data(urlstr, ";", url->auth_type);
+ uri_append_user_data(urlstr, ";:", url->auth_type);
 }
 str_append_c(urlstr, '@');
 }
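Review bot: Both new error paths in the first hunk format the whole of `auth.enc_userinfo` into `parser->error`, and the input this commit starts rejecting is exactly the `user:password@` form, so the text after the ':' is likely to be a password. If `parser->error` is ever logged or returned to a client (not visible in this hunk), the rejected credential ends up there. For the ':' case I would drop the echo and use a fixed message, `parser->error = "Stray ':' in userinfo";`, and do the same in the second loop when `*p == ':'`. The enclosing function starts and ends outside the hunk.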
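Review bot: The two `uri_append_user_data(urlstr, ";:", …)` calls in the second hunk carry no comment saying why ':' joined the escape set. Presumably the second argument lists the extra characters to percent-encode, and ':' is now required because the parser changed in this same commit rejects a literal ':' in userinfo. A one-line comment above `if (url->userid != NULL)` would keep the two sides in step, e.g. `/* ';' and ':' must be escaped: the parser rejects them unencoded in iuserinfo */`. The enclosing function starts outside the hunk.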
--- a/src/lib-imap/test-imap-url.c Mon Sep 16 10:05:24 2013 +0300
+++ b/src/lib-imap/test-imap-url.c Tue Sep 17 21:57:14 2013 +0300
@@ -759,6 +759,10 @@
 },{
 .url = "imap://user;AUTH=@example.com"
 },{
+ .url = "imap://user:password@example.com"
+ },{
+ .url = "imap://user;AUTH=A:B@example.com"
+ },{
 .url = "imap://user%@example.com"
 },{
 .url = "imap://user%00@example.com"
@@ -903,6 +907,7 @@
 #endif
 "imap://user@host.example.com/",
 "imap://user@host.example.com:993/",
+ "imap://su%3auser@host.example.com/",
 "imap://user;AUTH=PLAIN@host.example.com/",
 "imap://user;AUTH=PLAIN@host.example.com/INBOX",
 "imap://user;AUTH=PLAIN@host.example.com/INBOX/;UID=5",
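Review bot: The list in the second hunk (apparently the URLs expected to parse and regenerate) gains `"imap://su%3auser@host.example.com/"` for an encoded ':' in the user part, but nothing exercises the matching change for the auth-type, where imap-url.c now also escapes ':' via `uri_append_user_data(urlstr, ";:", url->auth_type)`. A companion entry with an encoded ':' after `;AUTH=` would cover it, for example `"imap://user;AUTH=A%3aB@host.example.com/",` (constructed sample; confirm the parser accepts it). The array these entries belong to starts and ends outside the hunk.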