dovecot-2.0: auth worker: Fixes to handling invalid input from a...

dovecot at dovecot.org dovecot at dovecot.org
Tue Mar 16 18:03:03 EET 2010


details:   http://hg.dovecot.org/dovecot-2.0/rev/55e3817f09da
changeset: 10922:55e3817f09da
user:      Timo Sirainen <tss at iki.fi>
date:      Tue Mar 16 18:02:53 2010 +0200
description:
auth worker: Fixes to handling invalid input from auth server.

diffstat:

 src/auth/auth-worker-client.c |  57 ++++++++++++++++------------
 1 files changed, 32 insertions(+), 25 deletions(-)

diffs (240 lines):

diff -r 87c462c463cc -r 55e3817f09da src/auth/auth-worker-client.c
--- a/src/auth/auth-worker-client.c	Tue Mar 16 18:02:29 2010 +0200
+++ b/src/auth/auth-worker-client.c	Tue Mar 16 18:02:53 2010 +0200
@@ -133,7 +133,7 @@
 	auth_worker_client_unref(&client);
 }
 
-static void
+static bool
 auth_worker_handle_passv(struct auth_worker_client *client,
 			 unsigned int id, const char *args)
 {
@@ -147,7 +147,7 @@
 	args = strchr(args, '\t');
 	if (args == NULL) {
 		i_error("BUG: Auth worker server sent us invalid PASSV");
-		return;
+		return FALSE;
 	}
 	args++;
 
@@ -162,7 +162,7 @@
 	if (auth_request->user == NULL || auth_request->service == NULL) {
 		i_error("BUG: PASSV had missing parameters");
 		auth_request_unref(&auth_request);
-		return;
+		return FALSE;
 	}
 
 	passdb = auth_request->passdb;
@@ -178,13 +178,14 @@
 		if (passdb == NULL) {
 			i_error("BUG: PASSV had invalid passdb ID");
 			auth_request_unref(&auth_request);
-			return;
+			return FALSE;
 		}
 	}
 
 	auth_request->passdb = passdb;
 	passdb->passdb->iface.
 		verify_plain(auth_request, password, verify_plain_callback);
+	return TRUE;
 }
 
 static void
@@ -235,7 +236,7 @@
 	auth_worker_client_unref(&client);
 }
 
-static void
+static bool
 auth_worker_handle_passl(struct auth_worker_client *client,
 			 unsigned int id, const char *args)
 {
@@ -248,7 +249,7 @@
 	args = strchr(args, '\t');
 	if (args == NULL) {
 		i_error("BUG: Auth worker server sent us invalid PASSL");
-		return;
+		return FALSE;
 	}
 	args++;
 
@@ -262,7 +263,7 @@
 	if (auth_request->user == NULL || auth_request->service == NULL) {
 		i_error("BUG: PASSL had missing parameters");
 		auth_request_unref(&auth_request);
-		return;
+		return FALSE;
 	}
 
 	while (auth_request->passdb->passdb->id != passdb_id) {
@@ -270,19 +271,20 @@
 		if (auth_request->passdb == NULL) {
 			i_error("BUG: PASSL had invalid passdb ID");
 			auth_request_unref(&auth_request);
-			return;
+			return FALSE;
 		}
 	}
 
 	if (auth_request->passdb->passdb->iface.lookup_credentials == NULL) {
 		i_error("BUG: PASSL lookup not supported by given passdb");
 		auth_request_unref(&auth_request);
-		return;
+		return FALSE;
 	}
 
 	auth_request->prefer_plain_credentials = TRUE;
 	auth_request->passdb->passdb->iface.
 		lookup_credentials(auth_request, lookup_credentials_callback);
+	return TRUE;
 }
 
 static void
@@ -301,7 +303,7 @@
 	auth_worker_client_unref(&client);
 }
 
-static void
+static bool
 auth_worker_handle_setcred(struct auth_worker_client *client,
 			   unsigned int id, const char *args)
 {
@@ -313,7 +315,7 @@
 	args = strchr(args, '\t');
 	if (args == NULL) {
 		i_error("BUG: Auth worker server sent us invalid SETCRED");
-		return;
+		return FALSE;
 	}
 	args++;
 
@@ -326,7 +328,7 @@
 	if (auth_request->user == NULL || auth_request->service == NULL) {
 		i_error("BUG: SETCRED had missing parameters");
 		auth_request_unref(&auth_request);
-		return;
+		return FALSE;
 	}
 
 	while (auth_request->passdb->passdb->id != passdb_id) {
@@ -334,12 +336,13 @@
 		if (auth_request->passdb == NULL) {
 			i_error("BUG: SETCRED had invalid passdb ID");
 			auth_request_unref(&auth_request);
-			return;
+			return FALSE;
 		}
 	}
 
 	auth_request->passdb->passdb->iface.
 		set_credentials(auth_request, data, set_credentials_callback);
+	return TRUE;
 }
 
 static void
@@ -376,7 +379,7 @@
 	auth_worker_client_unref(&client);
 }
 
-static void
+static bool
 auth_worker_handle_user(struct auth_worker_client *client,
 			unsigned int id, const char *args)
 {
@@ -393,7 +396,7 @@
 	if (auth_request->user == NULL || auth_request->service == NULL) {
 		i_error("BUG: USER had missing parameters");
 		auth_request_unref(&auth_request);
-		return;
+		return FALSE;
 	}
 
 	for (; num > 0; num--) {
@@ -401,12 +404,13 @@
 		if (auth_request->userdb == NULL) {
 			i_error("BUG: USER had invalid userdb num");
 			auth_request_unref(&auth_request);
-			return;
+			return FALSE;
 		}
 	}
 
 	auth_request->userdb->userdb->iface->
 		lookup(auth_request, lookup_user_callback);
+	return TRUE;
 }
 
 static void list_iter_deinit(struct auth_worker_list_context *ctx)
@@ -478,7 +482,7 @@
 	return 1;
 }
 
-static void
+static bool
 auth_worker_handle_list(struct auth_worker_client *client,
 			unsigned int id, const char *args)
 {
@@ -491,7 +495,7 @@
 		userdb = userdb->next;
 		if (userdb == NULL) {
 			i_error("BUG: LIST had invalid userdb num");
-			return;
+			return FALSE;
 		}
 	}
 
@@ -507,6 +511,7 @@
 	ctx->iter = ctx->userdb->iface->
 		iterate_init(userdb->userdb, list_iter_callback, ctx);
 	ctx->userdb->iface->iterate_next(ctx->iter);
+	return TRUE;
 }
 
 static bool
@@ -514,6 +519,7 @@
 {
 	const char *p;
 	unsigned int id;
+	bool ret;
 
 	p = strchr(line, '\t');
 	if (p == NULL)
@@ -523,18 +529,18 @@
 	line = p + 1;
 
 	if (strncmp(line, "PASSV\t", 6) == 0)
-		auth_worker_handle_passv(client, id, line + 6);
+		ret = auth_worker_handle_passv(client, id, line + 6);
 	else if (strncmp(line, "PASSL\t", 6) == 0)
-		auth_worker_handle_passl(client, id, line + 6);
+		ret = auth_worker_handle_passl(client, id, line + 6);
 	else if (strncmp(line, "SETCRED\t", 8) == 0)
-		auth_worker_handle_setcred(client, id, line + 8);
+		ret = auth_worker_handle_setcred(client, id, line + 8);
 	else if (strncmp(line, "USER\t", 5) == 0)
-		auth_worker_handle_user(client, id, line + 5);
+		ret = auth_worker_handle_user(client, id, line + 5);
 	else if (strncmp(line, "LIST\t", 5) == 0)
-		auth_worker_handle_list(client, id, line + 5);
+		ret = auth_worker_handle_list(client, id, line + 5);
 	else
 		i_error("BUG: Auth-worker received unknown command: %s", line);
-        return TRUE;
+        return ret;
 }
 
 static void auth_worker_input(struct auth_worker_client *client)
@@ -564,7 +570,8 @@
 		} T_END;
 
 		if (!ret) {
-			auth_worker_client_destroy(&client);
+			struct auth_worker_client *client2 = client;
+			auth_worker_client_destroy(&client2);
 			break;
 		}
 	}


More information about the dovecot-cvs mailing list