aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2017-05-05 17:18:09 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2017-05-05 18:02:07 +0100
commit1e7ee6e92ad12cf9d637f4e3dfafe00a66907d7d (patch)
tree9c385fb5c589053a7a452b7907d11447df8d30ad
parent8b616c70d59918bb13d1c19e5d9cc119df6c593b (diff)
downloadrspamd-1e7ee6e92ad12cf9d637f4e3dfafe00a66907d7d.tar.gz
rspamd-1e7ee6e92ad12cf9d637f4e3dfafe00a66907d7d.zip
[Minor] Add basic sanity checks for milter protocol
-rw-r--r--src/libserver/milter.c44
-rw-r--r--src/rspamd_proxy.c7
2 files changed, 48 insertions, 3 deletions
diff --git a/src/libserver/milter.c b/src/libserver/milter.c
index ae81a323f..14068e71b 100644
--- a/src/libserver/milter.c
+++ b/src/libserver/milter.c
@@ -595,6 +595,33 @@ rspamd_milter_process_command (struct rspamd_milter_session *session,
}
static gboolean
+rspamd_milter_is_valid_cmd (guchar c)
+{
+ switch (c) {
+ case RSPAMD_MILTER_CMD_ABORT:
+ case RSPAMD_MILTER_CMD_BODY:
+ case RSPAMD_MILTER_CMD_CONNECT:
+ case RSPAMD_MILTER_CMD_MACRO:
+ case RSPAMD_MILTER_CMD_BODYEOB:
+ case RSPAMD_MILTER_CMD_HELO:
+ case RSPAMD_MILTER_CMD_QUIT_NC:
+ case RSPAMD_MILTER_CMD_HEADER:
+ case RSPAMD_MILTER_CMD_MAIL:
+ case RSPAMD_MILTER_CMD_EOH:
+ case RSPAMD_MILTER_CMD_OPTNEG:
+ case RSPAMD_MILTER_CMD_QUIT:
+ case RSPAMD_MILTER_CMD_RCPT:
+ case RSPAMD_MILTER_CMD_DATA:
+ case RSPAMD_MILTER_CMD_UNKNOWN:
+ return TRUE;
+ default:
+ break;
+ }
+
+ return FALSE;
+}
+
+static gboolean
rspamd_milter_consume_input (struct rspamd_milter_session *session,
struct rspamd_milter_private *priv)
{
@@ -651,6 +678,23 @@ rspamd_milter_consume_input (struct rspamd_milter_session *session,
break;
case st_read_data:
/* We might need some more data in buffer for further steps */
+ if (priv->parser.datalen == 0 || priv->parser.datalen >
+ RSPAMD_MILTER_MESSAGE_CHUNK * 2) {
+ err = g_error_new (rspamd_milter_quark (), E2BIG,
+ "Command length is too big: %zd",
+ priv->parser.datalen);
+ rspamd_milter_on_protocol_error (session, priv, err);
+
+ return FALSE;
+ }
+ if (!rspamd_milter_is_valid_cmd (priv->parser.cur_cmd)) {
+ err = g_error_new (rspamd_milter_quark (), E2BIG,
+ "Unvalid command: %c",
+ priv->parser.cur_cmd);
+ rspamd_milter_on_protocol_error (session, priv, err);
+
+ return FALSE;
+ }
if (priv->parser.buf->allocated < priv->parser.datalen) {
priv->parser.buf = rspamd_fstring_grow (priv->parser.buf,
priv->parser.pos + priv->parser.datalen);
diff --git a/src/rspamd_proxy.c b/src/rspamd_proxy.c
index da34c0ca4..a0544650d 100644
--- a/src/rspamd_proxy.c
+++ b/src/rspamd_proxy.c
@@ -1620,13 +1620,14 @@ proxy_accept_socket (gint fd, short what, void *arg)
ctx->ev_base);
}
else {
+ msg_info_session ("accepted milter connection from %s port %d",
+ rspamd_inet_address_to_string (addr),
+ rspamd_inet_address_get_port (addr));
+
rspamd_milter_handle_socket (nfd, &ctx->io_tv, ctx->ev_base,
proxy_milter_finish_handler,
proxy_milter_error_handler,
session);
- msg_info_session ("accepted milter connection from %s port %d",
- rspamd_inet_address_to_string (addr),
- rspamd_inet_address_get_port (addr));
}
}