dovecot-2.2: dict: Fixed unescaping strings from lib-dict.
dovecot at dovecot.org
dovecot at dovecot.org
Thu Apr 23 18:34:19 UTC 2015
details: http://hg.dovecot.org/dovecot-2.2/rev/3905d7fce3ba
changeset: 18467:3905d7fce3ba
user: Timo Sirainen <tss at iki.fi>
date: Thu Apr 23 21:32:43 2015 +0300
description:
dict: Fixed unescaping strings from lib-dict.
This may potentially break backwards compatibility with someone, but it's
probably pretty rare that anybody is yet using dict proxy with multi-line
fields. Also even though the current behavior happens to work, it's very
much non-ideal and can be potentially dangerous.
diffstat:
src/dict/dict-commands.c | 19 +++++++++++--------
1 files changed, 11 insertions(+), 8 deletions(-)
diffs (79 lines):
diff -r 65f825a8cd0b -r 3905d7fce3ba src/dict/dict-commands.c
--- a/src/dict/dict-commands.c Thu Apr 23 21:26:50 2015 +0300
+++ b/src/dict/dict-commands.c Thu Apr 23 21:32:43 2015 +0300
@@ -4,6 +4,7 @@
#include "array.h"
#include "ostream.h"
#include "str.h"
+#include "strescape.h"
#include "dict-client.h"
#include "dict-settings.h"
#include "dict-connection.h"
@@ -33,7 +34,7 @@
ret = dict_lookup(conn->dict, pool_datastack_create(), line, &value);
if (ret > 0) {
reply = t_strdup_printf("%c%s\n",
- DICT_PROTOCOL_REPLY_OK, value);
+ DICT_PROTOCOL_REPLY_OK, str_tabescape(value));
o_stream_nsend_str(conn->output, reply);
} else {
reply = t_strdup_printf("%c\n", ret == 0 ?
@@ -53,9 +54,11 @@
o_stream_cork(conn->output);
while (dict_iterate(conn->iter_ctx, &key, &value)) {
str_truncate(str, 0);
- str_printfa(str, "%c%s\t", DICT_PROTOCOL_REPLY_OK, key);
+ str_append_c(str, DICT_PROTOCOL_REPLY_OK);
+ str_append_tabescaped(str, key);
+ str_append_c(str, '\t');
if ((conn->iter_flags & DICT_ITERATE_FLAG_NO_VALUE) == 0)
- str_append(str, value);
+ str_append_tabescaped(str, value);
str_append_c(str, '\n');
o_stream_nsend(conn->output, str_data(str), str_len(str));
@@ -92,7 +95,7 @@
return -1;
}
- args = t_strsplit_tab(line);
+ args = t_strsplit_tabescaped(line);
if (str_array_length(args) < 2 ||
str_to_uint(args[0], &flags) < 0) {
i_error("dict client: ITERATE: broken input");
@@ -275,7 +278,7 @@
const char *const *args;
/* <id> <key> <value> */
- args = t_strsplit_tab(line);
+ args = t_strsplit_tabescaped(line);
if (str_array_length(args) != 3) {
i_error("dict client: SET: broken input");
return -1;
@@ -294,7 +297,7 @@
const char *const *args;
/* <id> <key> */
- args = t_strsplit_tab(line);
+ args = t_strsplit_tabescaped(line);
if (str_array_length(args) != 2) {
i_error("dict client: UNSET: broken input");
return -1;
@@ -313,7 +316,7 @@
const char *const *args;
/* <id> <key> <value> */
- args = t_strsplit_tab(line);
+ args = t_strsplit_tabescaped(line);
if (str_array_length(args) != 3) {
i_error("dict client: APPEND: broken input");
return -1;
@@ -333,7 +336,7 @@
long long diff;
/* <id> <key> <diff> */
- args = t_strsplit_tab(line);
+ args = t_strsplit_tabescaped(line);
if (str_array_length(args) != 3 ||
str_to_llong(args[2], &diff) < 0) {
i_error("dict client: ATOMIC_INC: broken input");
More information about the dovecot-cvs
mailing list