mirror of
https://github.com/moparisthebest/curl
synced 2024-12-24 09:08:49 -05:00
smtp: check for and bail out on too short EHLO response
Otherwise, a three byte response would make the smtp_state_ehlo_resp() function misbehave. Credit to OSS-Fuzz Bug: https://crbug.com/oss-fuzz/16918 Assisted-by: Max Dymond Closes #4287
This commit is contained in:
parent
198b73d12c
commit
4d0306c698
@ -714,7 +714,7 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
|
|||||||
result = CURLE_REMOTE_ACCESS_DENIED;
|
result = CURLE_REMOTE_ACCESS_DENIED;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else if(len >= 4) {
|
||||||
line += 4;
|
line += 4;
|
||||||
len -= 4;
|
len -= 4;
|
||||||
|
|
||||||
@ -785,6 +785,10 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
|
|||||||
result = smtp_perform_authentication(conn);
|
result = smtp_perform_authentication(conn);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
failf(data, "Unexpectedly short EHLO response");
|
||||||
|
result = CURLE_WEIRD_SERVER_REPLY;
|
||||||
|
}
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user