bugfixes
diff --git a/src/imap/ngx_imap_handler.c b/src/imap/ngx_imap_handler.c
index 7c3a435..3bd727e 100644
--- a/src/imap/ngx_imap_handler.c
+++ b/src/imap/ngx_imap_handler.c
@@ -811,6 +811,7 @@
if (s->args.nelts == 0) {
size = cscf->pop3_auth_capability.len;
text = cscf->pop3_auth_capability.data;
+ s->state = 0;
break;
}
@@ -821,11 +822,6 @@
arg = s->args.elts;
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->arg_start = s->buffer->start;
-
if (arg[0].len == 5) {
if (ngx_strncasecmp(arg[0].data, "LOGIN", 5) == 0) {
@@ -971,11 +967,6 @@
arg = s->args.elts;
s->imap_state = ngx_pop3_auth_login_password;
- s->args.nelts = 0;
- s->buffer->pos = s->buffer->start;
- s->buffer->last = s->buffer->start;
- s->arg_start = s->buffer->start;
-
ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
"pop3 auth login username: \"%V\"", &arg[0]);
@@ -990,8 +981,8 @@
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
"in AUTH LOGIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
ngx_log_debug1(NGX_LOG_DEBUG_IMAP, c->log, 0,
@@ -1021,8 +1012,8 @@
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
"in AUTH LOGIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
#if (NGX_DEBUG_IMAP_PASSWD)
@@ -1061,8 +1052,8 @@
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
"in AUTH PLAIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
p = plain.data;
@@ -1070,17 +1061,31 @@
while (p < last && *p++) { /* void */ }
+ if (p == last) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid login/password "
+ "in AUTH PLAIN command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
+ }
+
s->login.data = p;
while (p < last && *p) { p++; }
+ if (p == last) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid login/password "
+ "in AUTH PLAIN command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
+ }
+
s->login.len = p++ - s->login.data;
+
+ s->passwd.len = last - p;
s->passwd.data = p;
- while (p < last && *p) { p++; }
-
- s->passwd.len = p - s->passwd.data;
-
#if (NGX_DEBUG_IMAP_PASSWD)
ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
"pop3 auth plain: \"%V\" \"%V\"",
@@ -1115,9 +1120,9 @@
if (ngx_decode_base64(&s->login, &arg[0]) != NGX_OK) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid base64 encoding "
- "in AUTH LOGIN command");
- ngx_imap_session_internal_server_error(s);
- return;
+ "in AUTH CRAM-MD5 command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
}
p = s->login.data;
@@ -1132,6 +1137,14 @@
}
}
+ if (s->passwd.len != 32) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent invalid CRAM-MD5 hash "
+ "in AUTH CRAM-MD5 command");
+ rc = NGX_IMAP_PARSE_INVALID_COMMAND;
+ break;
+ }
+
ngx_log_debug2(NGX_LOG_DEBUG_IMAP, c->log, 0,
"pop3 auth cram-md5: \"%V\" \"%V\"",
&s->login, &s->passwd);
@@ -1153,6 +1166,8 @@
}
if (rc == NGX_IMAP_PARSE_INVALID_COMMAND) {
+ s->imap_state = ngx_pop3_start;
+ s->state = 0;
text = pop3_invalid_command;
size = sizeof(pop3_invalid_command) - 1;
}
@@ -1161,6 +1176,10 @@
s->buffer->pos = s->buffer->start;
s->buffer->last = s->buffer->start;
+ if (s->state) {
+ s->arg_start = s->buffer->start;
+ }
+
s->out.data = text;
s->out.len = size;
diff --git a/src/imap/ngx_imap_parse.c b/src/imap/ngx_imap_parse.c
index c7fc334..fabba26 100644
--- a/src/imap/ngx_imap_parse.c
+++ b/src/imap/ngx_imap_parse.c
@@ -581,6 +581,7 @@
invalid:
s->state = sw_start;
+ s->arg_start = NULL;
return NGX_IMAP_PARSE_INVALID_COMMAND;
}
