dovecot-1.1: Check extension header validity before using it.

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-1.1/rev/f4990a37a8df
changeset: 7366:f4990a37a8df
user:      Timo Sirainen <tss at iki.fi>
date:      Fri Mar 07 03:49:36 2008 +0200
description:
Check extension header validity before using it.

diffstat:

1 file changed, 15 insertions(+), 14 deletions(-)
src/lib-index/mail-index-sync-ext.c |   29 +++++++++++++++--------------

diffs (46 lines):

diff -r 33b90e21b634 -r f4990a37a8df src/lib-index/mail-index-sync-ext.c
--- a/src/lib-index/mail-index-sync-ext.c	Fri Mar 07 03:02:44 2008 +0200
+++ b/src/lib-index/mail-index-sync-ext.c	Fri Mar 07 03:49:36 2008 +0200
@@ -402,6 +402,21 @@ int mail_index_sync_ext_intro(struct mai
 		return -1;
 	}
 
+	memset(&ext_hdr, 0, sizeof(ext_hdr));
+	ext_hdr.name_size = strlen(name);
+	ext_hdr.reset_id = u->reset_id;
+	ext_hdr.hdr_size = u->hdr_size;
+	ext_hdr.record_size = u->record_size;
+	ext_hdr.record_align = u->record_align;
+
+	/* make sure the header looks valid before doing anything with it */
+	if (mail_index_map_ext_hdr_check(&map->hdr, &ext_hdr,
+					 name, &error) < 0) {
+		mail_index_sync_set_corrupted(ctx,
+			"Broken extension introduction: %s", error);
+		return -1;
+	}
+
 	if (ext_map_idx != (uint32_t)-1) {
 		/* exists already */
 		if (u->reset_id == ext->reset_id) {
@@ -433,20 +448,6 @@ int mail_index_sync_ext_intro(struct mai
 				   hdr_buf->used);
 	}
 
-	memset(&ext_hdr, 0, sizeof(ext_hdr));
-	ext_hdr.name_size = strlen(name);
-	ext_hdr.reset_id = u->reset_id;
-	ext_hdr.hdr_size = u->hdr_size;
-	ext_hdr.record_size = u->record_size;
-	ext_hdr.record_align = u->record_align;
-
-	if (mail_index_map_ext_hdr_check(&map->hdr, &ext_hdr,
-					 name, &error) < 0) {
-		mail_index_sync_set_corrupted(ctx,
-			"Broken extension introduction: %s", error);
-		return -1;
-	}
-
 	/* register record offset initially using zero,
 	   sync_ext_reorder() will fix it. */
 	ext_map_idx = mail_index_map_register_ext(map, name, hdr_buf->used,