[Dovecot] Developing new Dspam Plugin

Timo Sirainen tss at iki.fi
Sat Jul 1 20:25:14 EEST 2006


On Fri, 2006-06-30 at 11:08 +0800, Timothy White wrote:
> On 6/28/06, Timothy White <weirdit at gmail.com> wrote:
> 
> > I just realised that it may be possible to exploit the snprintf and
> > send strange commands to the server, for this reason, the user that
> > the plugin uses, should only be able to run the 2 procedure's. I have
> > no idea how to make this secure, or if it is secure or not. Any ideas?
> > (e.g. snprintf(query, 20+MAXSIGLEN, "CALL SPAM(\"%s\")", signature);
> > If someone modifies the header, as long as it's within the MAXSIGLEN
> > then they can effect the query?)
> 
> Anyone got ideas/comments on this?

#include "strescape.h"

query = t_strdup_printf("CALL SPAM(\"%s\")", str_escape(signature));

And maybe put t_push() and t_pop() calls somewhere so that when copying
lots of messages it doesn't temporarily use too much memory (the query's
memory is valid until t_pop() is called).

Although the str_escape() isn't the right way to do it.
mysql_real_escape_string() would be better. But anyway rather than using
MySQL directly you could use sql-api.h. Then you could also use
sql_escape_string() which is easier. :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060701/ff8925f8/attachment.pgp


More information about the dovecot mailing list