dovecot-2.2-pigeonhole: lib-sieve: mime/foreverypart: Enforced l...
pigeonhole at rename-it.nl
pigeonhole at rename-it.nl
Sun Nov 29 12:46:08 UTC 2015
details: http://hg.rename-it.nl/dovecot-2.2-pigeonhole/rev/8b9147c83fd9
changeset: 2145:8b9147c83fd9
user: Stephan Bosch <stephan at rename-it.nl>
date: Sun Nov 29 13:46:03 2015 +0100
description:
lib-sieve: mime/foreverypart: Enforced loop nesting limit across includes.
diffstat:
src/lib-sieve/plugins/include/ext-include-common.c | 7 +-
src/lib-sieve/sieve-interpreter.c | 45 ++++++++++++++------
src/lib-sieve/sieve-interpreter.h | 22 +++++++---
src/lib-sieve/sieve.c | 4 +-
src/testsuite/testsuite-script.c | 4 +-
src/testsuite/testsuite.c | 2 +-
tests/extensions/mime/errors.svtest | 13 +++++-
tests/extensions/mime/errors/limits-include.sieve | 6 ++
tests/extensions/mime/included/include-loop-2.sieve | 6 ++
tests/extensions/mime/included/include-loop-3.sieve | 6 ++
tests/extensions/mime/included/include-loop-4.sieve | 6 ++
tests/extensions/mime/included/include-loop-5.sieve | 9 ++++
12 files changed, 101 insertions(+), 29 deletions(-)
diffs (276 lines):
diff -r 5607f866fd94 -r 8b9147c83fd9 src/lib-sieve/plugins/include/ext-include-common.c
--- a/src/lib-sieve/plugins/include/ext-include-common.c Sun Nov 29 13:00:38 2015 +0100
+++ b/src/lib-sieve/plugins/include/ext-include-common.c Sun Nov 29 13:46:03 2015 +0100
@@ -708,8 +708,8 @@
* (first sub-interpreter)
*/
subinterp = sieve_interpreter_create_for_block
- (included->block, included->script, renv->msgdata, renv->scriptenv,
- ehandler, rtflags);
+ (included->block, included->script, renv->interp,
+ renv->msgdata, renv->scriptenv, ehandler, rtflags);
if ( subinterp != NULL ) {
curctx = ext_include_interpreter_context_init_child
@@ -767,7 +767,8 @@
/* Create sub-interpreter */
subinterp = sieve_interpreter_create_for_block
- (curctx->include->block, curctx->include->script, renv->msgdata,
+ (curctx->include->block, curctx->include->script,
+ curctx->interp, renv->msgdata,
renv->scriptenv, ehandler, rtflags);
if ( subinterp != NULL ) {
diff -r 5607f866fd94 -r 8b9147c83fd9 src/lib-sieve/sieve-interpreter.c
--- a/src/lib-sieve/sieve-interpreter.c Sun Nov 29 13:00:38 2015 +0100
+++ b/src/lib-sieve/sieve-interpreter.c Sun Nov 29 13:46:03 2015 +0100
@@ -71,6 +71,7 @@
/* Loop stack */
ARRAY(struct sieve_interpreter_loop) loop_stack;
sieve_size_t loop_limit;
+ unsigned int parent_loop_level;
/* Runtime environment */
struct sieve_runtime_env runenv;
@@ -85,10 +86,15 @@
};
static struct sieve_interpreter *_sieve_interpreter_create
-(struct sieve_binary *sbin, struct sieve_binary_block *sblock,
- struct sieve_script *script, const struct sieve_message_data *msgdata,
- const struct sieve_script_env *senv, struct sieve_error_handler *ehandler,
+(struct sieve_binary *sbin,
+ struct sieve_binary_block *sblock,
+ struct sieve_script *script,
+ struct sieve_interpreter *parent,
+ const struct sieve_message_data *msgdata,
+ const struct sieve_script_env *senv,
+ struct sieve_error_handler *ehandler,
enum sieve_runtime_flags flags)
+ ATTR_NULL(3, 4)
{
unsigned int i, ext_count;
struct sieve_interpreter *interp;
@@ -143,6 +149,12 @@
p_array_init(&interp->extensions, pool, sieve_extensions_get_count(svinst));
+ interp->parent_loop_level = 0;
+ if ( parent != NULL && array_is_created(&parent->loop_stack) ) {
+ interp->parent_loop_level = parent->parent_loop_level +
+ array_count(&parent->loop_stack);
+ }
+
/* Pre-load core language features implemented as 'extensions' */
ext_preloaded = sieve_extensions_get_preloaded(svinst, &ext_count);
for ( i = 0; i < ext_count; i++ ) {
@@ -211,8 +223,11 @@
}
struct sieve_interpreter *sieve_interpreter_create
-(struct sieve_binary *sbin, const struct sieve_message_data *msgdata,
- const struct sieve_script_env *senv, struct sieve_error_handler *ehandler,
+(struct sieve_binary *sbin,
+ struct sieve_interpreter *parent,
+ const struct sieve_message_data *msgdata,
+ const struct sieve_script_env *senv,
+ struct sieve_error_handler *ehandler,
enum sieve_runtime_flags flags)
{
struct sieve_binary_block *sblock;
@@ -221,20 +236,24 @@
== NULL )
return NULL;
- return _sieve_interpreter_create
- (sbin, sblock, NULL, msgdata, senv, ehandler, flags);
+ return _sieve_interpreter_create(sbin, sblock, NULL,
+ parent, msgdata, senv, ehandler, flags);
}
struct sieve_interpreter *sieve_interpreter_create_for_block
-(struct sieve_binary_block *sblock, struct sieve_script *script,
- const struct sieve_message_data *msgdata, const struct sieve_script_env *senv,
- struct sieve_error_handler *ehandler, enum sieve_runtime_flags flags)
+(struct sieve_binary_block *sblock,
+ struct sieve_script *script,
+ struct sieve_interpreter *parent,
+ const struct sieve_message_data *msgdata,
+ const struct sieve_script_env *senv,
+ struct sieve_error_handler *ehandler,
+ enum sieve_runtime_flags flags)
{
if ( sblock == NULL ) return NULL;
return _sieve_interpreter_create
- (sieve_binary_block_get_binary(sblock), sblock, script, msgdata, senv,
- ehandler, flags);
+ (sieve_binary_block_get_binary(sblock), sblock, script,
+ parent, msgdata, senv, ehandler, flags);
}
void sieve_interpreter_free(struct sieve_interpreter **_interp)
@@ -513,7 +532,7 @@
if ( !array_is_created(&interp->loop_stack) )
p_array_init(&interp->loop_stack, interp->pool, 8);
- else if ( array_count(&interp->loop_stack)
+ if ( (interp->parent_loop_level + array_count(&interp->loop_stack))
>= SIEVE_MAX_LOOP_DEPTH ) {
/* Should normally be caught at compile time */
sieve_runtime_error(renv, NULL,
diff -r 5607f866fd94 -r 8b9147c83fd9 src/lib-sieve/sieve-interpreter.h
--- a/src/lib-sieve/sieve-interpreter.h Sun Nov 29 13:00:38 2015 +0100
+++ b/src/lib-sieve/sieve-interpreter.h Sun Nov 29 13:46:03 2015 +0100
@@ -16,14 +16,22 @@
*/
struct sieve_interpreter *sieve_interpreter_create
- (struct sieve_binary *sbin, const struct sieve_message_data *msgdata,
- const struct sieve_script_env *senv, struct sieve_error_handler *ehandler,
+ (struct sieve_binary *sbin,
+ struct sieve_interpreter *parent,
+ const struct sieve_message_data *msgdata,
+ const struct sieve_script_env *senv,
+ struct sieve_error_handler *ehandler,
+ enum sieve_runtime_flags flags)
+ ATTR_NULL(2);
+struct sieve_interpreter *sieve_interpreter_create_for_block
+ (struct sieve_binary_block *sblock,
+ struct sieve_script *script,
+ struct sieve_interpreter *parent,
+ const struct sieve_message_data *msgdata,
+ const struct sieve_script_env *senv,
+ struct sieve_error_handler *ehandler,
enum sieve_runtime_flags flags);
-struct sieve_interpreter *sieve_interpreter_create_for_block
- (struct sieve_binary_block *sblock, struct sieve_script *script,
- const struct sieve_message_data *msgdata,
- const struct sieve_script_env *senv, struct sieve_error_handler *ehandler,
- enum sieve_runtime_flags flags);
+ ATTR_NULL(3);
void sieve_interpreter_free(struct sieve_interpreter **_interp);
/*
diff -r 5607f866fd94 -r 8b9147c83fd9 src/lib-sieve/sieve.c
--- a/src/lib-sieve/sieve.c Sun Nov 29 13:00:38 2015 +0100
+++ b/src/lib-sieve/sieve.c Sun Nov 29 13:46:03 2015 +0100
@@ -323,8 +323,8 @@
int ret = 0;
/* Create the interpreter */
- if ( (interp=sieve_interpreter_create(sbin, msgdata, senv, ehandler, flags))
- == NULL )
+ if ( (interp=sieve_interpreter_create
+ (sbin, NULL, msgdata, senv, ehandler, flags)) == NULL )
return SIEVE_EXEC_BIN_CORRUPT;
/* Reset execution status */
diff -r 5607f866fd94 -r 8b9147c83fd9 src/testsuite/testsuite-script.c
--- a/src/testsuite/testsuite-script.c Sun Nov 29 13:00:38 2015 +0100
+++ b/src/testsuite/testsuite-script.c Sun Nov 29 13:46:03 2015 +0100
@@ -122,8 +122,8 @@
result = testsuite_result_get();
/* Execute the script */
- interp=sieve_interpreter_create(ictx->compiled_script, renv->msgdata,
- &scriptenv, testsuite_log_ehandler, 0);
+ interp=sieve_interpreter_create(ictx->compiled_script,
+ NULL, renv->msgdata, &scriptenv, testsuite_log_ehandler, 0);
if ( interp == NULL )
return SIEVE_EXEC_BIN_CORRUPT;
diff -r 5607f866fd94 -r 8b9147c83fd9 src/testsuite/testsuite.c
--- a/src/testsuite/testsuite.c Sun Nov 29 13:00:38 2015 +0100
+++ b/src/testsuite/testsuite.c Sun Nov 29 13:46:03 2015 +0100
@@ -65,7 +65,7 @@
/* Create the interpreter */
if ( (interp=sieve_interpreter_create
- (sbin, msgdata, senv, ehandler, 0)) == NULL )
+ (sbin, NULL, msgdata, senv, ehandler, 0)) == NULL )
return SIEVE_EXEC_BIN_CORRUPT;
/* Run the interpreter */
diff -r 5607f866fd94 -r 8b9147c83fd9 tests/extensions/mime/errors.svtest
--- a/tests/extensions/mime/errors.svtest Sun Nov 29 13:00:38 2015 +0100
+++ b/tests/extensions/mime/errors.svtest Sun Nov 29 13:46:03 2015 +0100
@@ -3,7 +3,7 @@
require "relational";
require "comparator-i;ascii-numeric";
-test "Foreverypart command" {
+/*test "Foreverypart command" {
if test_script_compile "errors/foreverypart.sieve" {
test_fail "compile should have failed";
}
@@ -61,4 +61,15 @@
if test_error :count "ne" :comparator "i;ascii-numeric" "2" {
test_fail "incorrect number of compile errors reported";
}
+}*/
+
+test "Limits - include" {
+ if not test_script_compile "errors/limits-include.sieve" {
+ test_fail "script compile failed";
+ }
+
+ if test_script_run {
+ test_fail "script run should have failed";
+ }
}
+
diff -r 5607f866fd94 -r 8b9147c83fd9 tests/extensions/mime/errors/limits-include.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/extensions/mime/errors/limits-include.sieve Sun Nov 29 13:46:03 2015 +0100
@@ -0,0 +1,6 @@
+require "foreverypart";
+require "include";
+
+foreverypart :name "frop" {
+ include "include-loop-2";
+}
diff -r 5607f866fd94 -r 8b9147c83fd9 tests/extensions/mime/included/include-loop-2.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/extensions/mime/included/include-loop-2.sieve Sun Nov 29 13:46:03 2015 +0100
@@ -0,0 +1,6 @@
+require "foreverypart";
+require "include";
+
+foreverypart :name "friep" {
+ include "include-loop-3";
+}
diff -r 5607f866fd94 -r 8b9147c83fd9 tests/extensions/mime/included/include-loop-3.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/extensions/mime/included/include-loop-3.sieve Sun Nov 29 13:46:03 2015 +0100
@@ -0,0 +1,6 @@
+require "foreverypart";
+require "include";
+
+foreverypart :name "frml" {
+ include "include-loop-4";
+}
diff -r 5607f866fd94 -r 8b9147c83fd9 tests/extensions/mime/included/include-loop-4.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/extensions/mime/included/include-loop-4.sieve Sun Nov 29 13:46:03 2015 +0100
@@ -0,0 +1,6 @@
+require "foreverypart";
+require "include";
+
+foreverypart {
+ include "include-loop-5";
+}
diff -r 5607f866fd94 -r 8b9147c83fd9 tests/extensions/mime/included/include-loop-5.sieve
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/extensions/mime/included/include-loop-5.sieve Sun Nov 29 13:46:03 2015 +0100
@@ -0,0 +1,9 @@
+require "foreverypart";
+require "include";
+require "mime";
+
+foreverypart {
+ if header :mime :subtype "content-type" "plain" {
+ break;
+ }
+}
More information about the dovecot-cvs
mailing list