dovecot-2.2: lib-imap: imap-utf7 - reject encoded simple ASCII
dovecot at dovecot.org
dovecot at dovecot.org
Mon Jul 28 13:54:32 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/0c0559782618
changeset: 17661:0c0559782618
user: Phil Carmody <phil at dovecot.fi>
date: Mon Jul 28 16:49:47 2014 +0300
description:
lib-imap: imap-utf7 - reject encoded simple ASCII
"Modified BASE64 MUST NOT be used to represent any printing US-ASCII
character which can represent itself."
"The character "&" (0x26) is represented by the two-octet sequence "&-""
Therefore any mBASE64 sequence containing any character between 0x20 and
0x7e is invalid.
Signed-off-by: Phil Carmody <phil at dovecot.fi>
diffstat:
src/lib-imap/imap-utf7.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diffs (17 lines):
diff -r 6abfa33c73a8 -r 0c0559782618 src/lib-imap/imap-utf7.c
--- a/src/lib-imap/imap-utf7.c Mon Jul 28 16:49:47 2014 +0300
+++ b/src/lib-imap/imap-utf7.c Mon Jul 28 16:49:47 2014 +0300
@@ -148,7 +148,13 @@
if (high < UTF16_SURROGATE_HIGH_FIRST ||
high > UTF16_SURROGATE_HIGH_MAX) {
/* single byte */
+ size_t oldlen = str_len(dest);
uni_ucs4_to_utf8_c(high, dest);
+ if (str_len(dest) - oldlen == 1) {
+ unsigned char last = str_data(dest)[oldlen];
+ if (last >= 0x20 && last < 0x7f)
+ return -1;
+ }
*_pos = (pos + 2) % 4;
return 0;
}
More information about the dovecot-cvs
mailing list