dovecot-2.2: lib-index: Make sure dovecot.index.cache parsing do...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Nov 13 09:30:58 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/8565c72f73ec
changeset: 18083:8565c72f73ec
user: Timo Sirainen <tss at iki.fi>
date: Thu Nov 13 11:29:41 2014 +0200
description:
lib-index: Make sure dovecot.index.cache parsing doesn't go to infinite loop.
Although we guarantee this only for files generated with Dovecot v2.2+
because it's too much trouble to check for older versions.
diffstat:
src/lib-index/mail-cache-fields.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diffs (19 lines):
diff -r fab74a2b7468 -r 8565c72f73ec src/lib-index/mail-cache-fields.c
--- a/src/lib-index/mail-cache-fields.c Thu Nov 13 11:14:08 2014 +0200
+++ b/src/lib-index/mail-cache-fields.c Thu Nov 13 11:29:41 2014 +0200
@@ -234,6 +234,15 @@
"next_offset in field header loops");
return -1;
}
+ /* In Dovecot v2.2+ we don't try to use any holes,
+ so next_offset must always be larger than current offset.
+ also makes it easier to guarantee there aren't any loops
+ (which we don't bother doing for old files) */
+ if (next_offset < offset && cache->hdr->minor_version != 0) {
+ mail_cache_set_corrupted(cache,
+ "next_offset in field header decreases");
+ return -1;
+ }
offset = next_offset;
if (cache->mmap_base != NULL || cache->map_with_read) {
More information about the dovecot-cvs
mailing list