dovecot-2.1-pigeonhole: lib-sieve: updated rfc2822 header field ...
pigeonhole at rename-it.nl
pigeonhole at rename-it.nl
Sat Nov 26 12:11:50 EET 2011
details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/cdf52ef61f65
changeset: 1551:cdf52ef61f65
user: Stephan Bosch <stephan at rename-it.nl>
date: Sat Nov 26 11:09:58 2011 +0100
description:
lib-sieve: updated rfc2822 header field body verification to exclude non-printing characters (RFC5322).
diffstat:
src/lib-sieve/plugins/enotify/mailto/uri-mailto.c | 3 +-
src/lib-sieve/rfc2822.c | 42 ++++++++++++---------
src/lib-sieve/rfc2822.h | 2 +-
3 files changed, 27 insertions(+), 20 deletions(-)
diffs (94 lines):
diff -r 6757a772b086 -r cdf52ef61f65 src/lib-sieve/plugins/enotify/mailto/uri-mailto.c
--- a/src/lib-sieve/plugins/enotify/mailto/uri-mailto.c Thu Nov 24 00:50:11 2011 +0100
+++ b/src/lib-sieve/plugins/enotify/mailto/uri-mailto.c Sat Nov 26 11:09:58 2011 +0100
@@ -442,7 +442,8 @@
if ( hname_type == _HNAME_BODY ) {
// FIXME: verify body ...
} else {
- if ( !rfc2822_header_field_body_verify(str_c(field), str_len(field)) ) {
+ if ( !rfc2822_header_field_body_verify
+ (str_c(field), str_len(field), FALSE, FALSE) ) {
uri_mailto_error(parser, "invalid header field body");
return FALSE;
}
diff -r 6757a772b086 -r cdf52ef61f65 src/lib-sieve/rfc2822.c
--- a/src/lib-sieve/rfc2822.c Thu Nov 24 00:50:11 2011 +0100
+++ b/src/lib-sieve/rfc2822.c Sat Nov 26 11:09:58 2011 +0100
@@ -7,6 +7,7 @@
#include "lib.h"
#include "str.h"
+#include "unichar.h"
#include "rfc2822.h"
@@ -38,34 +39,39 @@
}
bool rfc2822_header_field_body_verify
-(const char *field_body, unsigned int len)
+(const char *field_body, unsigned int len, bool allow_crlf, bool allow_utf8)
{
const char *p = field_body;
const char *pend = p + len;
+ bool is8bit = FALSE;
- /* unstructured = *([FWS] utext) [FWS]
- * FWS = ([*WSP CRLF] 1*WSP) / ; Folding white space
- * obs-FWS
- * utext = NO-WS-CTL / ; Non white space controls
- * %d33-126 / ; The rest of US-ASCII
- * obs-utext
- * NO-WS-CTL = %d1-8 / ; US-ASCII control characters
- * %d11 / ; that do not include the
- * %d12 / ; carriage return, line feed,
- * %d14-31 / ; and white space characters
- * %d127
- * WSP = SP / HTAB
- */
-
- /* This verification does not allow content to be folded. This should done
- * automatically upon message composition.
+ /* RFC5322:
+ *
+ * unstructured = (*([FWS] VCHAR) *WSP)
+ * VCHAR = %x21-7E
+ * FWS = ([*WSP CRLF] 1*WSP) / ; Folding white space
+ * WSP = SP / HTAB ; White space
*/
while ( p < pend ) {
- if ( *p == '\0' || *p == '\r' || *p == '\n' || ((unsigned char)*p) > 127 )
+ if ( *p != '\t' && *p < 0x20 )
return FALSE;
+ if ( (*p == '\r' || *p == '\n') && !allow_crlf )
+ return FALSE;
+
+ if ( !is8bit && ((unsigned char)*p) > 127 ) {
+ if ( !allow_utf8 )
+ return FALSE;
+
+ is8bit = TRUE;
+ }
+
p++;
+ }
+
+ if ( is8bit && !uni_utf8_str_is_valid(field_body) ) {
+ return FALSE;
}
return TRUE;
diff -r 6757a772b086 -r cdf52ef61f65 src/lib-sieve/rfc2822.h
--- a/src/lib-sieve/rfc2822.h Thu Nov 24 00:50:11 2011 +0100
+++ b/src/lib-sieve/rfc2822.h Sat Nov 26 11:09:58 2011 +0100
@@ -15,7 +15,7 @@
bool rfc2822_header_field_name_verify
(const char *field_name, unsigned int len);
bool rfc2822_header_field_body_verify
-(const char *field_body, unsigned int len);
+ (const char *field_body, unsigned int len, bool allow_crlf, bool allow_utf8);
/*
*
More information about the dovecot-cvs
mailing list