The following issue has been RESOLVED.
======================================================================
http://www.dbmail.org/mantis/view.php?id=313
======================================================================
Reported By: sayler
Assigned To:
======================================================================
Project: DBMail
Issue ID: 313
Category: IMAP daemon
Reproducibility: always
Severity: minor
Priority: normal
Status: resolved
Resolution: fixed
Fixed in Version: SVN Trunk
======================================================================
Date Submitted: 10-Mar-06 20:05 CET
Last Modified: 20-Mar-06 09:34 CET
======================================================================
Summary: 2.1.5 IMAP daemon handles too-long times
ungracefully
Description:
The various IMAP .c files seems to think (though they use their own
#defines) that the maximum line length is 10240bytes. Unfortunately, if
you exceed this maximum, the too-long command is truncated at 10239
characters (+ \0) and processed as normal. Additionally, the remaining
(command length - 10239) characters will be processed the next time
around as an IMAP command.
I think the logic in IMAPClientHandler should look like:
fgets input -> line
if fgets returned NULL die
if the last character returned by fgets is not \r or \n:
output error
do:
fgets input -> line
until the last character returned by fgets is \n or \n:
proceed to next command
How does that sound?
Matt
======================================================================
----------------------------------------------------------------------
sayler - 10-Mar-06 20:06
----------------------------------------------------------------------
ha ha, mantis cut my too-long command.
----------------------------------------------------------------------
sayler - 10-Mar-06 20:12
----------------------------------------------------------------------
Also - I'm not sure of other daemons, but dovecot at least seems to default
to a 64K max command length. AFAICT the RFC doesn't specify anything in
particular..
----------------------------------------------------------------------
sayler - 19-Mar-06 18:47
----------------------------------------------------------------------
Attached patch repalces all the fgets() calls in the imap codebase with
calls to dbmail_imap_session_readln, which will soak up extra-long lines
and return an error code. (It is up to the caller of _readln to emit the
actual error message to the user).
----------------------------------------------------------------------
paul - 20-Mar-06 09:34
----------------------------------------------------------------------
merged and finished by restoring the signature for
dbmail_imap_session_readln and friends.
Issue History
Date Modified Username Field Change
======================================================================
10-Mar-06 20:05 sayler New Issue
10-Mar-06 20:06 sayler Note Added: 0001036
10-Mar-06 20:07 sayler File Added: toolong.script
10-Mar-06 20:12 sayler Note Added: 0001037
19-Mar-06 18:45 sayler File Added: patch-2043-longlines2
19-Mar-06 18:47 sayler Note Added: 0001041
20-Mar-06 09:34 paul Note Added: 0001043
20-Mar-06 09:34 paul Status new => resolved
20-Mar-06 09:34 paul Resolution open => fixed
20-Mar-06 09:34 paul Fixed in Version => SVN Trunk
======================================================================
