[dovecot-cvs] dovecot/src/lib-storage/index/mbox mbox-storage.c, 1.145.2.10, 1.145.2.11
tss at dovecot.org
tss at dovecot.org
Thu Mar 1 12:30:13 UTC 2007
Update of /var/lib/cvs/dovecot/src/lib-storage/index/mbox
In directory talvi:/tmp/cvs-serv16465/mbox
Modified Files:
Tag: branch_1_0
mbox-storage.c
Log Message:
mbox: Don't allow using .imap directory in the mailbox name/mask.
mbox+dbox: Don't allow using "foo/." or "foo/.." in the masks. Although that
shouldn't really matter.
Index: mbox-storage.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib-storage/index/mbox/mbox-storage.c,v
retrieving revision 1.145.2.10
retrieving revision 1.145.2.11
diff -u -d -r1.145.2.10 -r1.145.2.11
--- mbox-storage.c 22 Feb 2007 17:29:43 -0000 1.145.2.10
+++ mbox-storage.c 1 Mar 2007 12:30:11 -0000 1.145.2.11
@@ -403,20 +403,29 @@
/* make sure the mailbox name doesn't contain any foolishness:
"../" could give access outside the mailbox directory.
- "./" and "//" could fool ACL checks. */
+ "./" and "//" could fool ACL checks.
+ ".imap" could be used to accidentally break things. */
newdir = TRUE;
for (p = mask; *p != '\0'; p++) {
- if (newdir) {
- if (p[0] == '/')
- return FALSE; /* // */
- if (p[0] == '.') {
- if (p[1] == '/')
- return FALSE; /* ./ */
- if (p[1] == '.' && p[2] == '/')
- return FALSE; /* ../ */
- }
+ if (!newdir) {
+ newdir = p[0] == '/';
+ continue;
+ }
+
+ newdir = FALSE;
+ if (p[0] == '/')
+ return FALSE; /* // */
+ if (p[0] == '.') {
+ if (p[1] == '/' || p[1] == '\0')
+ return FALSE; /* ./ */
+ if (p[1] == '.' && (p[2] == '/' || p[2] == '\0'))
+ return FALSE; /* ../ */
}
- newdir = p[0] == '/';
+ if (strncmp(p, MBOX_INDEX_DIR_NAME,
+ sizeof(MBOX_INDEX_DIR_NAME)-1) == 0 &&
+ (p[sizeof(MBOX_INDEX_DIR_NAME)-1] == '\0' ||
+ p[sizeof(MBOX_INDEX_DIR_NAME)-1] == '/'))
+ return FALSE;
}
if (mask[0] == '.' && (mask[1] == '\0' ||
(mask[1] == '.' && mask[2] == '\0'))) {
More information about the dovecot-cvs
mailing list