moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00
Code Issues Releases Wiki Activity

smtp: Fixed non-escaping of dot character at beginning of line

Browse Source 
A dot character at the beginning of a line would not be escaped to a
double dot as required by RFC-2821, instead it would be deleted by the
mail server. Please see section 4.5.2 of the RFC for more information.

Note: This fix also simplifies the detection of repeated CRLF.CRLF
combinations, such as CRLF.CRLF.CRLF, a little rather than having to
advance the eob counter to 2.
This commit is contained in:
Steve Holme 2012-05-17 11:31:06 +01:00
parent fec096f153
commit 7ba07c80a1
2 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
lib/smtp.c
View File

@ -1929,17 +1929,19 @@ static CURLcode smtp_setup_connection(struct connectdata *conn)
CURLcode Curl_smtp_escape_eob(struct connectdata *conn, ssize_t nread) CURLcode Curl_smtp_escape_eob(struct connectdata *conn, ssize_t nread)
{ {
/* When sending SMTP payload, we must detect CRLF.CRLF sequences in /* When sending a SMTP payload we must detect CRLF. sequences making sure
* the data and make sure it is sent as CRLF..CRLF instead, as they are sent as CRLF.. instead, as a . on the beginning of a line will
* otherwise it will wrongly be detected as end of data by the server. be deleted by the server when not part of an EOB terminator and a
*/ genuine CRLF.CRLF which isn't escaped will wrongly be detected as end of
data by the server.
*/
ssize_t i; ssize_t i;
ssize_t si; ssize_t si;
struct smtp_conn *smtpc = &conn->proto.smtpc; struct smtp_conn *smtpc = &conn->proto.smtpc;
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
/* Do we need to allocate the scatch buffer? */ /* Do we need to allocate the scatch buffer? */
if(!data->state.scratch) { if(!data->state.scratch) {
data->state.scratch = malloc(2 * BUFSIZE); data->state.scratch = malloc(2 * BUFSIZE);
if(!data->state.scratch) { if(!data->state.scratch) {
@ -1965,18 +1967,12 @@ CURLcode Curl_smtp_escape_eob(struct connectdata *conn, ssize_t nread)
smtpc->eob = 0; smtpc->eob = 0;
} }
if(SMTP_EOB_LEN == smtpc->eob) { /* Do we have a match for CRLF. as per RFC-2821, sect. 4.5.2 */
/* It matched, copy the replacement data to the target buffer if(SMTP_EOB_FIND_LEN == smtpc->eob) {
instead. Note that the replacement does not contain the /* Copy the replacement data to the target buffer */
trailing CRLF but we instead continue to match on that one memcpy(&data->state.scratch[si], SMTP_EOB_REPL, SMTP_EOB_REPL_LEN);
to deal with repeated sequences. Like CRLF.CRLF.CRLF etc
*/
memcpy(&data->state.scratch[si], SMTP_EOB_REPL,
SMTP_EOB_REPL_LEN);
si += SMTP_EOB_REPL_LEN; si += SMTP_EOB_REPL_LEN;
smtpc->eob = 0;
/* Start over at two bytes */
smtpc->eob = 2;
} }
else if(!smtpc->eob) else if(!smtpc->eob)
data->state.scratch[si++] = data->req.upload_fromhere[i]; data->state.scratch[si++] = data->req.upload_fromhere[i];

1
lib/smtp.h
View File

@ -82,6 +82,7 @@ extern const struct Curl_handler Curl_handler_smtps;
/* this is the 5-bytes End-Of-Body marker for SMTP */ /* this is the 5-bytes End-Of-Body marker for SMTP */
#define SMTP_EOB "\x0d\x0a\x2e\x0d\x0a" #define SMTP_EOB "\x0d\x0a\x2e\x0d\x0a"
#define SMTP_EOB_LEN 5 #define SMTP_EOB_LEN 5
#define SMTP_EOB_FIND_LEN 3
/* if found in data, replace it with this string instead */ /* if found in data, replace it with this string instead */
#define SMTP_EOB_REPL "\x0d\x0a\x2e\x2e" #define SMTP_EOB_REPL "\x0d\x0a\x2e\x2e"