diff options
author | Daniel Stenberg <daniel@haxx.se> | 2017-12-01 00:45:46 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2017-12-05 08:15:23 +0100 |
commit | 7eb6e080fcbd891d34b2b3353dc2e3f07c8bc35d (patch) | |
tree | ed060508a315f6ca306a6d1ab492b6687f8f3f40 /lib | |
parent | 4401409468f590520dd5d0f0a55607eefa5ff4c1 (diff) | |
download | curl-7eb6e080fcbd891d34b2b3353dc2e3f07c8bc35d.tar.gz |
sasl_getmesssage: make sure we have a long enough string to passbagder/pop3_get_message
For pop3/imap/smtp, added test 891 to somewhat verify the pop3
case.
For this, I enhanced the pingpong test server to be able to send back
responses with LF-only instead of always using CRLF.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/imap.c | 29 | ||||
-rw-r--r-- | lib/pop3.c | 29 | ||||
-rw-r--r-- | lib/smtp.c | 29 |
3 files changed, 51 insertions, 36 deletions
diff --git a/lib/imap.c b/lib/imap.c index 1b52f73a4..63a998b2b 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -344,23 +344,28 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, */ static void imap_get_message(char *buffer, char **outptr) { - size_t len = 0; + size_t len = strlen(buffer); char *message = NULL; - /* Find the start of the message */ - for(message = buffer + 2; *message == ' ' || *message == '\t'; message++) - ; + if(len > 2) { + /* Find the start of the message */ + for(message = buffer + 2; *message == ' ' || *message == '\t'; message++) + ; - /* Find the end of the message */ - for(len = strlen(message); len--;) - if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && - message[len] != '\t') - break; + /* Find the end of the message */ + for(len -= 2; len--;) + if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && + message[len] != '\t') + break; - /* Terminate the message */ - if(++len) { - message[len] = '\0'; + /* Terminate the message */ + if(++len) { + message[len] = '\0'; + } } + else + /* junk input => zero length output */ + message = &buffer[len]; *outptr = message; } diff --git a/lib/pop3.c b/lib/pop3.c index 5792a4a6f..40dde1052 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -243,23 +243,28 @@ static bool pop3_endofresp(struct connectdata *conn, char *line, size_t len, */ static void pop3_get_message(char *buffer, char **outptr) { - size_t len = 0; + size_t len = strlen(buffer); char *message = NULL; - /* Find the start of the message */ - for(message = buffer + 2; *message == ' ' || *message == '\t'; message++) - ; + if(len > 2) { + /* Find the start of the message */ + for(message = buffer + 2; *message == ' ' || *message == '\t'; message++) + ; - /* Find the end of the message */ - for(len = strlen(message); len--;) - if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && - message[len] != '\t') - break; + /* Find the end of the message */ + for(len -= 2; len--;) + if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && + message[len] != '\t') + break; - /* Terminate the message */ - if(++len) { - message[len] = '\0'; + /* Terminate the message */ + if(++len) { + message[len] = '\0'; + } } + else + /* junk input => zero length output */ + message = &buffer[len]; *outptr = message; } diff --git a/lib/smtp.c b/lib/smtp.c index 44ee2e9f8..b31ecb4b0 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -232,23 +232,28 @@ static bool smtp_endofresp(struct connectdata *conn, char *line, size_t len, */ static void smtp_get_message(char *buffer, char **outptr) { - size_t len = 0; + size_t len = strlen(buffer); char *message = NULL; - /* Find the start of the message */ - for(message = buffer + 4; *message == ' ' || *message == '\t'; message++) - ; + if(len > 4) { + /* Find the start of the message */ + for(message = buffer + 4; *message == ' ' || *message == '\t'; message++) + ; - /* Find the end of the message */ - for(len = strlen(message); len--;) - if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && - message[len] != '\t') - break; + /* Find the end of the message */ + for(len -= 4; len--;) + if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && + message[len] != '\t') + break; - /* Terminate the message */ - if(++len) { - message[len] = '\0'; + /* Terminate the message */ + if(++len) { + message[len] = '\0'; + } } + else + /* junk input => zero length output */ + message = &buffer[len]; *outptr = message; } |