rpms / libetpan

Clone
Source Code
GIT

Blame libetpan-1.9.4-0001-Detect-extra-data-after-STARTTLS-response-and-exit-3.patch

el4 el5 el6 epel7 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f7 f8 f9 fc6 main rawhide
  1.   rawhide
  2.   libetpan-1.9.4-0001-Detect-extra-data-after-STARTTLS-response-and-exit-3.patch
Blob History Raw
f4d197f 
From 1002a0121a8f5a9aee25357769807f2c519fa50b Mon Sep 17 00:00:00 2001
f4d197f 
From: Damian Poddebniak <duesee@users.noreply.github.com>
f4d197f 
Date: Fri, 24 Jul 2020 19:39:53 +0200
f4d197f 
Subject: [PATCH 1/2] Detect extra data after STARTTLS response and exit (#387)
f4d197f
f4d197f 
---
f4d197f 
 src/low-level/imap/mailimap.c | 7 +++++++
f4d197f 
 1 file changed, 7 insertions(+)
f4d197f
f4d197f 
diff --git a/src/low-level/imap/mailimap.c b/src/low-level/imap/mailimap.c
f4d197f 
index bb17119..4ffcf55 100644
f4d197f 
--- a/src/low-level/imap/mailimap.c
f4d197f 
+++ b/src/low-level/imap/mailimap.c
f4d197f 
@@ -2428,6 +2428,13 @@ int mailimap_starttls(mailimap * session)
f4d197f
f4d197f 
   mailimap_response_free(response);
f4d197f
f4d197f 
+  // Detect if the server send extra data after the STARTTLS response.
f4d197f 
+  // This *may* be a "response injection attack".
f4d197f 
+  if (session->imap_stream->read_buffer_len != 0) {
f4d197f 
+      // Since it is also an IMAP protocol violation, exit.
f4d197f 
+      return MAILIMAP_ERROR_STARTTLS;
f4d197f 
+  }
f4d197f 
+
f4d197f 
   switch (error_code) {
f4d197f 
   case MAILIMAP_RESP_COND_STATE_OK:
f4d197f 
     return MAILIMAP_NO_ERROR;
f4d197f 
--
f4d197f 
2.26.2
f4d197f
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.