# HG changeset patch # User Igor Sysoev # Date 1161781631 0 # Node ID e3aa8f305d21c19beaa4d2988f1117fa3b8039df # Parent da9c1521319d40828ad0eb21b36b14182e06a86f bugfixes diff -r da9c1521319d -r e3aa8f305d21 src/imap/ngx_imap_handler.c --- a/src/imap/ngx_imap_handler.c Tue Oct 24 18:38:31 2006 +0000 +++ b/src/imap/ngx_imap_handler.c Wed Oct 25 13:07:11 2006 +0000 @@ -811,6 +811,7 @@ if (s->args.nelts == 0) { size = cscf->pop3_auth_capability.len; text = cscf->pop3_auth_capability.data; + s->state = 0; break; } @@ -821,11 +822,6 @@ arg = s->args.elts; - s->args.nelts = 0; - s->buffer->pos = s->buffer->start; - s->buffer->last = s->buffer->start; - s->arg_start = s->buffer->start; - if (arg[0].len == 5) { if (ngx_strncasecmp(arg[0].data, "LOGIN", 5) == 0) { @@ -971,11 +967,6 @@ arg = s->args.elts; s->imap_state = ngx_pop3_auth_login_password; - s->args.nelts = 0; - s->buffer->pos = s->buffer->start; - s->buffer->last = s->buffer->start; - s->arg_start = s->buffer->start; - ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, "pop3 auth login username: \"%V\"", &arg[0]); @@ -990,8 +981,8 @@ ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent invalid base64 encoding " "in AUTH LOGIN command"); - ngx_imap_session_internal_server_error(s); - return; + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; } ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0, @@ -1021,8 +1012,8 @@ ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent invalid base64 encoding " "in AUTH LOGIN command"); - ngx_imap_session_internal_server_error(s); - return; + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; } #if (NGX_DEBUG_IMAP_PASSWD) @@ -1061,8 +1052,8 @@ ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent invalid base64 encoding " "in AUTH PLAIN command"); - ngx_imap_session_internal_server_error(s); - return; + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; } p = plain.data; @@ -1070,16 +1061,30 @@ while (p < last && *p++) { /* void */ } + if (p == last) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid login/password " + "in AUTH PLAIN command"); + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; + } + s->login.data = p; while (p < last && *p) { p++; } - s->login.len = p++ - s->login.data; - s->passwd.data = p; + if (p == last) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid login/password " + "in AUTH PLAIN command"); + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; + } - while (p < last && *p) { p++; } + s->login.len = p++ - s->login.data; - s->passwd.len = p - s->passwd.data; + s->passwd.len = last - p; + s->passwd.data = p; #if (NGX_DEBUG_IMAP_PASSWD) ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0, @@ -1115,9 +1120,9 @@ if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) { ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent invalid base64 encoding " - "in AUTH LOGIN command"); - ngx_imap_session_internal_server_error(s); - return; + "in AUTH CRAM-MD5 command"); + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; } p = s->login.data; @@ -1132,6 +1137,14 @@ } } + if (s->passwd.len != 32) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "client sent invalid CRAM-MD5 hash " + "in AUTH CRAM-MD5 command"); + rc = NGX_IMAP_PARSE_INVALID_COMMAND; + break; + } + ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0, "pop3 auth cram-md5: \"%V\" \"%V\"", &s->login, &s->passwd); @@ -1153,6 +1166,8 @@ } if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) { + s->imap_state = ngx_pop3_start; + s->state = 0; text = pop3_invalid_command; size = sizeof(pop3_invalid_command) - 1; } @@ -1161,6 +1176,10 @@ s->buffer->pos = s->buffer->start; s->buffer->last = s->buffer->start; + if (s->state) { + s->arg_start = s->buffer->start; + } + s->out.data = text; s->out.len = size; diff -r da9c1521319d -r e3aa8f305d21 src/imap/ngx_imap_parse.c --- a/src/imap/ngx_imap_parse.c Tue Oct 24 18:38:31 2006 +0000 +++ b/src/imap/ngx_imap_parse.c Wed Oct 25 13:07:11 2006 +0000 @@ -581,6 +581,7 @@ invalid: s->state = sw_start; + s->arg_start = NULL; return NGX_IMAP_PARSE_INVALID_COMMAND; }