aboutsummaryrefslogtreecommitdiffstats
path: root/pop3.c
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2005-07-22 01:37:43 +0000
committerMatthias Andree <matthias.andree@gmx.de>2005-07-22 01:37:43 +0000
commitb6793947e553bf999fbf45e501065f7547e34e24 (patch)
tree240dfe82e0f70950cd58e96c07ba8ec3b13e6a99 /pop3.c
parentc873f8eb1c584cb521b22db7a3dda941ddb172eb (diff)
downloadfetchmail-b6793947e553bf999fbf45e501065f7547e34e24.tar.gz
fetchmail-b6793947e553bf999fbf45e501065f7547e34e24.tar.bz2
fetchmail-b6793947e553bf999fbf45e501065f7547e34e24.zip
Fix NULL dereference when Message-ID or actual UID are missing from input.
Reported by Miloslav Trmac. Re-add got_it to Message-Id parser so we use the first, not the last Message-ID. svn path=/trunk/; revision=4157
Diffstat (limited to 'pop3.c')
-rw-r--r--pop3.c26
1 files changed, 18 insertions, 8 deletions
diff --git a/pop3.c b/pop3.c
index 9025b314..4898e1e9 100644
--- a/pop3.c
+++ b/pop3.c
@@ -611,6 +611,12 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
return(PS_SUCCESS);
}
+/* cut off C string at first POSIX space */
+static void trim(char *s) {
+ s += strcspn(s, POSIX_space);
+ s[0] = '\0';
+}
+
static int pop3_gettopid(int sock, int num , char *id, size_t idsize)
{
int ok;
@@ -626,31 +632,35 @@ static int pop3_gettopid(int sock, int num , char *id, size_t idsize)
break;
if (!got_it && 0 == strncasecmp("Message-Id:", buf, 11)) {
char *p = buf + 11;
+ got_it = 1;
p += strspn(p, POSIX_space);
- p = strtok(p, POSIX_space);
strlcpy(id, p, idsize);
+ trim(id);
}
}
return 0;
}
-/** Parse destructively the UID response (leading +OK must have been
+/** Parse the UID response (leading +OK must have been
* stripped off) in buf, store the number in gotnum, and store the ID
* into the caller-provided buffer "id" of size "idsize".
* Returns PS_SUCCESS or PS_PROTOCOL for failure. */
-static int parseuid(char *buf, unsigned long *gotnum, char *id, size_t idsize)
+static int parseuid(const char *buf, unsigned long *gotnum, char *id, size_t idsize)
{
- char *i, *j;
+ const char *i;
+ char *j;
- i = strtok(buf, POSIX_space);
+ /* skip leading blanks ourselves */
+ i = buf + strspn(i, POSIX_space);
errno = 0;
*gotnum = strtoul(i, &j, 10);
- if (*j != '\0' || j == i || errno) {
+ if (j == i || !*j || errno || NULL == strchr(POSIX_space, *j)) {
report(stderr, GT_("Cannot handle UIDL response from upstream server.\n"));
return PS_PROTOCOL;
}
- i = strtok(NULL, POSIX_space);
- strlcpy(id, i, idsize);
+ j += strspn(j, POSIX_space);
+ strlcpy(id, j, idsize);
+ trim(id);
return PS_SUCCESS;
}