dovecot-2.0-pigeonhole: include extension: made nesting_depth an...
pigeonhole at rename-it.nl
pigeonhole at rename-it.nl
Sun Sep 11 12:39:12 EEST 2011
details: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/f12899a3d02f
changeset: 1525:f12899a3d02f
user: Stephan Bosch <stephan at rename-it.nl>
date: Sun Sep 11 11:39:07 2011 +0200
description:
include extension: made nesting_depth and max_includes limits configurable.
diffstat:
src/lib-sieve/plugins/include/ext-include-binary.c | 6 +-
src/lib-sieve/plugins/include/ext-include-common.c | 59 +++++++++++++------
src/lib-sieve/plugins/include/ext-include-common.h | 3 +
src/lib-sieve/plugins/include/ext-include-limits.h | 4 +-
src/testsuite/testsuite-script.c | 13 ----
tests/extensions/include/errors.svtest | 57 +++++++++++++++++--
tests/extensions/include/errors/depth-limit.sieve | 3 +
tests/extensions/include/errors/include-limit.sieve | 6 ++
tests/extensions/include/included/depth-limit-1.sieve | 3 +
tests/extensions/include/included/depth-limit-2.sieve | 3 +
tests/extensions/include/included/depth-limit-3.sieve | 1 +
11 files changed, 115 insertions(+), 43 deletions(-)
diffs (truncated from 327 to 300 lines):
diff -r ce825c9671a6 -r f12899a3d02f src/lib-sieve/plugins/include/ext-include-binary.c
--- a/src/lib-sieve/plugins/include/ext-include-binary.c Sun Sep 11 10:51:40 2011 +0200
+++ b/src/lib-sieve/plugins/include/ext-include-binary.c Sun Sep 11 11:39:07 2011 +0200
@@ -234,6 +234,8 @@
(const struct sieve_extension *ext, struct sieve_binary *sbin, void *context)
{
struct sieve_instance *svinst = ext->svinst;
+ struct ext_include_context *ext_ctx =
+ (struct ext_include_context *)ext->context;
struct ext_include_binary_context *binctx =
(struct ext_include_binary_context *) context;
struct sieve_binary_block *sblock;
@@ -254,10 +256,10 @@
}
/* Check include limit */
- if ( depcount > EXT_INCLUDE_MAX_INCLUDES ) {
+ if ( depcount > ext_ctx->max_includes ) {
sieve_sys_error(svinst,
"include: binary %s includes too many scripts (%u > %u)",
- sieve_binary_path(sbin), depcount, EXT_INCLUDE_MAX_INCLUDES);
+ sieve_binary_path(sbin), depcount, ext_ctx->max_includes);
return FALSE;
}
diff -r ce825c9671a6 -r f12899a3d02f src/lib-sieve/plugins/include/ext-include-common.c
--- a/src/lib-sieve/plugins/include/ext-include-common.c Sun Sep 11 10:51:40 2011 +0200
+++ b/src/lib-sieve/plugins/include/ext-include-common.c Sun Sep 11 11:39:07 2011 +0200
@@ -31,7 +31,7 @@
/* Generator context */
struct ext_include_generator_context {
- unsigned int nesting_level;
+ unsigned int nesting_depth;
struct sieve_script *script;
struct ext_include_generator_context *parent;
};
@@ -56,7 +56,7 @@
struct sieve_interpreter *interp;
pool_t pool;
- unsigned int nesting_level;
+ unsigned int nesting_depth;
struct sieve_script *script;
const struct ext_include_script_info *script_info;
@@ -76,26 +76,31 @@
{
struct sieve_instance *svinst = ext->svinst;
struct ext_include_context *ctx;
- const char *global_dir, *personal_dir, *home;
+ const char *sieve_dir, *home;
+ unsigned long long int uint_setting;
if ( *context != NULL ) {
ext_include_unload(ext);
}
+ ctx = i_new(struct ext_include_context, 1);
+
/* Get directory for :global scripts */
- global_dir = sieve_setting_get(svinst, "sieve_global_dir");
+ sieve_dir = sieve_setting_get(svinst, "sieve_global_dir");
- if ( global_dir == NULL && svinst->debug ) {
+ if ( sieve_dir == NULL && svinst->debug ) {
sieve_sys_debug(svinst, "include: sieve_global_dir is not set; "
"it is currently not possible to include `:global' scripts.");
}
+ ctx->global_dir = i_strdup(sieve_dir);
+
/* Get directory for :personal scripts */
- personal_dir = sieve_setting_get(svinst, "sieve_dir");
+ sieve_dir = sieve_setting_get(svinst, "sieve_dir");
home = sieve_environment_get_homedir(svinst);
- if ( personal_dir == NULL ) {
+ if ( sieve_dir == NULL ) {
if ( home == NULL ) {
if ( svinst->debug ) {
sieve_sys_debug(svinst, "include: sieve_dir is not set "
@@ -103,16 +108,28 @@
"it is currently not possible to include `:personal' scripts.");
}
} else {
- personal_dir = "~/sieve";
+ sieve_dir = "~/sieve";
}
}
if ( home != NULL )
- personal_dir = home_expand_tilde(personal_dir, home);
+ sieve_dir = home_expand_tilde(sieve_dir, home);
- ctx = i_new(struct ext_include_context, 1);
- ctx->personal_dir = i_strdup(personal_dir);
- ctx->global_dir = i_strdup(global_dir);
+ ctx->personal_dir = i_strdup(sieve_dir);
+
+ /* Get limits */
+ ctx->max_nesting_depth = EXT_INCLUDE_DEFAULT_MAX_NESTING_DEPTH;
+ ctx->max_includes = EXT_INCLUDE_DEFAULT_MAX_INCLUDES;
+
+ if ( sieve_setting_get_uint_value
+ (svinst, "sieve_include_max_nesting_depth", &uint_setting) ) {
+ ctx->max_nesting_depth = (unsigned int) uint_setting;
+ }
+
+ if ( sieve_setting_get_uint_value
+ (svinst, "sieve_include_max_includes", &uint_setting) ) {
+ ctx->max_includes = (unsigned int) uint_setting;
+ }
/* Extension dependencies */
ctx->var_ext = sieve_ext_variables_get_extension(ext->svinst);
@@ -280,9 +297,9 @@
ctx->parent = parent;
ctx->script = script;
if ( parent == NULL ) {
- ctx->nesting_level = 0;
+ ctx->nesting_depth = 0;
} else {
- ctx->nesting_level = parent->nesting_level + 1;
+ ctx->nesting_depth = parent->nesting_depth + 1;
}
return ctx;
@@ -381,9 +398,9 @@
ctx->script_info = sinfo;
if ( parent == NULL ) {
- ctx->nesting_level = 0;
+ ctx->nesting_depth = 0;
} else {
- ctx->nesting_level = parent->nesting_level + 1;
+ ctx->nesting_depth = parent->nesting_depth + 1;
}
return ctx;
@@ -451,6 +468,8 @@
const struct ext_include_script_info **included_r, bool once)
{
const struct sieve_extension *this_ext = cmd->ext;
+ struct ext_include_context *ext_ctx =
+ (struct ext_include_context *)this_ext->context;
bool result = TRUE;
struct sieve_ast *ast;
struct sieve_binary *sbin = cgenv->sbin;
@@ -472,10 +491,10 @@
return FALSE;
/* Limit nesting level */
- if ( ctx->nesting_level >= EXT_INCLUDE_MAX_NESTING_LEVEL ) {
+ if ( ctx->nesting_depth >= ext_ctx->max_nesting_depth ) {
sieve_command_generate_error
(gentr, cmd, "cannot nest includes deeper than %d levels",
- EXT_INCLUDE_MAX_NESTING_LEVEL);
+ ext_ctx->max_nesting_depth);
return FALSE;
}
@@ -504,10 +523,10 @@
/* Check whether include limit is exceeded */
if ( ext_include_binary_script_get_count(binctx) >=
- EXT_INCLUDE_MAX_INCLUDES ) {
+ ext_ctx->max_includes ) {
sieve_command_generate_error(gentr, cmd,
"failed to include script '%s': no more than %u includes allowed",
- str_sanitize(script_name, 80), EXT_INCLUDE_MAX_INCLUDES);
+ str_sanitize(script_name, 80), ext_ctx->max_includes);
return FALSE;
}
diff -r ce825c9671a6 -r f12899a3d02f src/lib-sieve/plugins/include/ext-include-common.h
--- a/src/lib-sieve/plugins/include/ext-include-common.h Sun Sep 11 10:51:40 2011 +0200
+++ b/src/lib-sieve/plugins/include/ext-include-common.h Sun Sep 11 11:39:07 2011 +0200
@@ -104,6 +104,9 @@
/* Configuration */
char *global_dir;
char *personal_dir;
+
+ unsigned int max_nesting_depth;
+ unsigned int max_includes;
};
static inline struct ext_include_context *ext_include_get_context
diff -r ce825c9671a6 -r f12899a3d02f src/lib-sieve/plugins/include/ext-include-limits.h
--- a/src/lib-sieve/plugins/include/ext-include-limits.h Sun Sep 11 10:51:40 2011 +0200
+++ b/src/lib-sieve/plugins/include/ext-include-limits.h Sun Sep 11 11:39:07 2011 +0200
@@ -6,7 +6,7 @@
#include "sieve-common.h"
-#define EXT_INCLUDE_MAX_NESTING_LEVEL 10
-#define EXT_INCLUDE_MAX_INCLUDES 255
+#define EXT_INCLUDE_DEFAULT_MAX_NESTING_DEPTH 10
+#define EXT_INCLUDE_DEFAULT_MAX_INCLUDES 255
#endif /* __EXT_INCLUDE_LIMITS_H */
diff -r ce825c9671a6 -r f12899a3d02f src/testsuite/testsuite-script.c
--- a/src/testsuite/testsuite-script.c Sun Sep 11 10:51:40 2011 +0200
+++ b/src/testsuite/testsuite-script.c Sun Sep 11 11:39:07 2011 +0200
@@ -51,19 +51,6 @@
return SIEVE_EXEC_FAILURE;
script_path = t_strconcat(script_path, "/", script, NULL);
-
- /* Initialize environment */
- sieve_dir = strrchr(script_path, '/');
- if ( sieve_dir == NULL )
- sieve_dir= "./";
- else
- sieve_dir = t_strdup_until(script_path, sieve_dir+1);
-
- /* Currently needed for include (FIXME) */
- testsuite_setting_set
- ("sieve_dir", t_strconcat(sieve_dir, "included", NULL));
- testsuite_setting_set
- ("sieve_global_dir", t_strconcat(sieve_dir, "included-global", NULL));
if ( (sbin = sieve_compile(svinst, script_path, NULL, testsuite_log_ehandler,
NULL)) == NULL )
diff -r ce825c9671a6 -r f12899a3d02f tests/extensions/include/errors.svtest
--- a/tests/extensions/include/errors.svtest Sun Sep 11 10:51:40 2011 +0200
+++ b/tests/extensions/include/errors.svtest Sun Sep 11 11:39:07 2011 +0200
@@ -94,11 +94,56 @@
*/
test "Invalid Script Names" {
- if test_script_compile "errors/scriptname.sieve" {
- test_fail "compile should have failed";
- }
+ if test_script_compile "errors/scriptname.sieve" {
+ test_fail "compile should have failed";
+ }
- if not test_error :count "eq" :comparator "i;ascii-numeric" "8" {
- test_fail "wrong number of errors reported";
- }
+ if not test_error :count "eq" :comparator "i;ascii-numeric" "8" {
+ test_fail "wrong number of errors reported";
+ }
}
+
+/* Include limit */
+
+test "Include limit" {
+ test_config_set "sieve_include_max_includes" "3";
+ test_config_reload :extension "include";
+
+ if test_script_compile "errors/include-limit.sieve" {
+ test_fail "compile should have failed";
+ }
+
+ if not test_error :count "eq" :comparator "i;ascii-numeric" "2" {
+ test_fail "wrong number of errors reported";
+ }
+
+ test_config_set "sieve_include_max_includes" "255";
+ test_config_reload :extension "include";
+
+ if not test_script_compile "errors/include-limit.sieve" {
+ test_fail "compile should have succeeded";
+ }
+}
+
+/* Depth limit */
+
+test "Depth limit" {
+ test_config_set "sieve_include_max_nesting_depth" "2";
+ test_config_reload :extension "include";
+
+ if test_script_compile "errors/depth-limit.sieve" {
+ test_fail "compile should have failed";
+ }
+
+ if not test_error :count "eq" :comparator "i;ascii-numeric" "4" {
+ test_fail "wrong number of errors reported";
+ }
+
+ test_config_set "sieve_include_max_nesting_depth" "10";
+ test_config_reload :extension "include";
+
+ if not test_script_compile "errors/depth-limit.sieve" {
+ test_fail "compile should have succeeded";
+ }
+}
+
diff -r ce825c9671a6 -r f12899a3d02f tests/extensions/include/errors/depth-limit.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/extensions/include/errors/depth-limit.sieve Sun Sep 11 11:39:07 2011 +0200
@@ -0,0 +1,3 @@
+require "include";
+
+include :personal "depth-limit-1";
diff -r ce825c9671a6 -r f12899a3d02f tests/extensions/include/errors/include-limit.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
More information about the dovecot-cvs
mailing list