dovecot-2.2: pop3: fix msgnum/size parsers

dovecot at dovecot.org dovecot at dovecot.org
Fri Aug 15 12:05:22 UTC 2014


details:   http://hg.dovecot.org/dovecot-2.2/rev/88d95b8f8a19
changeset: 17718:88d95b8f8a19
user:      Phil Carmody <phil at dovecot.fi>
date:      Fri Aug 15 15:02:59 2014 +0300
description:
pop3: fix msgnum/size parsers
The outer if()s are completely unnecessary, and permit `num'
to remain uninitialised. Spotted by clang's static analysis.

Bug introduced in changeset: 17563:2ed2ab04b63d

Note that the lack of a parameter from a broken client is no longer
treated as "0". Before the bug was introduced:
  DELE
  -ERR There's no message 0.
After this patch:
  DELE
  -ERR Invalid message number:

Signed-off-by: Phil Carmody <phil at dovecot.fi>

diffstat:

 src/pop3/pop3-commands.c |  43 ++++++++++++++++++-------------------------
 1 files changed, 18 insertions(+), 25 deletions(-)

diffs (61 lines):

diff -r 5dbd8a63aeb0 -r 88d95b8f8a19 src/pop3/pop3-commands.c
--- a/src/pop3/pop3-commands.c	Fri Aug 15 14:48:08 2014 +0300
+++ b/src/pop3/pop3-commands.c	Fri Aug 15 15:02:59 2014 +0300
@@ -30,20 +30,16 @@
 {
 	unsigned int num;
 
-	if (*args != '\0' && *args != ' ') {
-		if (*args < '0' || *args > '9') {
-			client_send_line(client,
-				"-ERR Invalid message number: %s", args);
-			return NULL;
-		}
-
-		if (str_parse_uint(args, &num, &args) < 0) {
-			client_send_line(client,
-				"-ERR Message number too large: %s", args);
-			return NULL;
-		}
+	if (*args < '0' || *args > '9') {
+		client_send_line(client,
+				 "-ERR Invalid message number: %s", args);
+		return NULL;
 	}
-
+	if (str_parse_uint(args, &num, &args) < 0) {
+		client_send_line(client,
+				 "-ERR Message number too large: %s", args);
+		return NULL;
+	}
 	if (num == 0 || num > client->messages_count) {
 		client_send_line(client,
 				 "-ERR There's no message %u.", num);
@@ -70,18 +66,15 @@
 {
 	uoff_t num;
 
-	if (*args != '\0' && *args != ' ') {
-		if (*args < '0' || *args > '9') {
-			client_send_line(client, "-ERR Invalid size: %s",
-					 args);
-			return NULL;
-		}
-
-		if (str_parse_uoff(args, &num, &args) < 0) {
-			client_send_line(client, "-ERR Size too large: %s",
-					 args);
-			return NULL;
-		}
+	if (*args < '0' || *args > '9') {
+		client_send_line(client, "-ERR Invalid size: %s",
+				 args);
+		return NULL;
+	}
+	if (str_parse_uoff(args, &num, &args) < 0) {
+		client_send_line(client, "-ERR Size too large: %s",
+				 args);
+		return NULL;
 	}
 
 	while (*args == ' ') args++;
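Review bot: the commit message documents the behaviour change only for the message number parser, but the size parser changes the same way: an empty argument, or one that starts with a space, now gets "-ERR Invalid size: " instead of skipping the parse. Please note that in the description or in a comment here. Leading spaces are now rejected before `str_parse_uoff()` while trailing ones are still skipped by `while (*args == ' ') args++;`; if that asymmetry is intended, a one-line comment would save the next reader from wondering. The digit check and error path are now duplicated almost verbatim between the two parsers, so a small shared helper may be worth considering.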

