dovecot-2.2: message header parser: Fixed handling very long mul...

Wed Jun 20 02:20:36 EEST 2012

details:   http://hg.dovecot.org/dovecot-2.2/rev/8a4e5e5d82b5
changeset: 14602:8a4e5e5d82b5
user:      Timo Sirainen <tss at iki.fi>
date:      Wed Jun 20 01:40:14 2012 +0300
description:
message header parser: Fixed handling very long multiline headers.
If the header's line fit exactly to input stream's buffer so that the parser
couldn't see the following character, it assumed that the header ended.

diffstat:

 src/lib-mail/message-header-parser.c |  16 +++++++++++++++-
 1 files changed, 15 insertions(+), 1 deletions(-)

diffs (33 lines):

diff -r c34d4e3ff342 -r 8a4e5e5d82b5 src/lib-mail/message-header-parser.c

--- a/src/lib-mail/message-header-parser.c	Wed Jun 20 00:48:08 2012 +0300
+++ b/src/lib-mail/message-header-parser.c	Wed Jun 20 01:40:14 2012 +0300
@@ -159,6 +159,17 @@
 						break;
 					}
 				}
+				if (i == min_pos && (msg[size-1] == '\r' ||
+						     msg[size-1] == '\n')) {
+					/* we may or may not have a full header,
+					   but we don't know until we get the
+					   next character. leave out the
+					   linefeed and finish the header on
+					   the next run. */
+					size--;
+					if (size > 0 && msg[size-1] == '\r')
+						size--;
+				}
 
 				continues = TRUE;
 			}
@@ -201,7 +212,10 @@
 			}
 		}
 
-		if (i < parse_size) {
+		if (i < parse_size && i+1 == size && ret == -2) {
+			/* we don't know if the line continues. */
+			i++;
+		} else if (i < parse_size) {
 			/* got a line */
 			if (ctx->skip_line) {
 				/* skipping a line with a huge header name */
