[dovecot-cvs] dovecot/src/lib-storage mail-storage-private.h, 1.25,
1.25.2.1 mail-storage.c, 1.50, 1.50.2.1
cras at dovecot.org
cras at dovecot.org
Sat Jun 17 16:01:41 EEST 2006
Update of /var/lib/cvs/dovecot/src/lib-storage
In directory talvi:/tmp/cvs-serv5644
Modified Files:
Tag: branch_1_0
mail-storage-private.h mail-storage.c
Log Message:
When creating a mailbox, limit the number of hierarchies (to 20) and the
length of the mailbox name within a hierarchy (to 200).
Index: mail-storage-private.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib-storage/mail-storage-private.h,v
retrieving revision 1.25
retrieving revision 1.25.2.1
diff -u -d -r1.25 -r1.25.2.1
--- mail-storage-private.h 14 Apr 2006 12:30:22 -0000 1.25
+++ mail-storage-private.h 17 Jun 2006 13:01:38 -0000 1.25.2.1
@@ -254,5 +254,6 @@
const char *mail_storage_class_get_last_error(struct mail_storage *storage,
bool *syntax_error_r);
+bool mailbox_name_is_too_large(const char *name, char sep);
#endif
Index: mail-storage.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib-storage/mail-storage.c,v
retrieving revision 1.50
retrieving revision 1.50.2.1
diff -u -d -r1.50 -r1.50.2.1
--- mail-storage.c 2 Apr 2006 09:18:53 -0000 1.50
+++ mail-storage.c 17 Jun 2006 13:01:38 -0000 1.50.2.1
@@ -14,6 +14,14 @@
"Internal error occurred. Refer to server log for more information."
#define CRITICAL_MSG_STAMP CRITICAL_MSG " [%Y-%m-%d %H:%M:%S]"
+/* 20 * (200+1) < 4096 which is the standard PATH_MAX. Having these settings
+ prevents malicious user from creating eg. "a/a/a/.../a" mailbox name and
+ then start renaming them to larger names from end to beginning, which
+ eventually would start causing the failures when trying to use too
+ long mailbox names. */
+#define MAILBOX_MAX_HIERARCHY_LEVELS 20
+#define MAILBOX_MAX_HIERARCHY_NAME_LENGTH 200
+
unsigned int mail_storage_module_id = 0;
static array_t ARRAY_DEFINE(storages, struct mail_storage *);
@@ -538,3 +546,25 @@
{
return box->v.is_inconsistent(box);
}
+
+bool mailbox_name_is_too_large(const char *name, char sep)
+{
+ unsigned int levels = 1, level_len = 0;
+
+ for (; *name != '\0'; name++) {
+ if (*name == sep) {
+ if (level_len > MAILBOX_MAX_HIERARCHY_NAME_LENGTH)
+ return TRUE;
+ levels++;
+ level_len = 0;
+ } else {
+ level_len++;
+ }
+ }
+
+ if (level_len > MAILBOX_MAX_HIERARCHY_NAME_LENGTH)
+ return TRUE;
+ if (levels > MAILBOX_MAX_HIERARCHY_LEVELS)
+ return TRUE;
+ return FALSE;
+}
More information about the dovecot-cvs
mailing list