From 25884aa1979061749469a61c629adafe9f8d500e Mon Sep 17 00:00:00 2001 From: Jiri Hruska Date: Fri, 1 Mar 2013 19:24:56 +0100 Subject: imap: Improved FETCH response parsing Added safer parsing of the untagged FETCH response line and the size of continuation data. --- lib/imap.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'lib/imap.c') diff --git a/lib/imap.c b/lib/imap.c index aeb876210..8b00b216d 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -1252,6 +1252,8 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, struct imap_conn *imapc = &conn->proto.imapc; struct pingpong *pp = &imapc->pp; const char *ptr = data->state.buffer; + bool parsed = FALSE; + curl_off_t size; (void)instate; /* no use for this yet */ @@ -1267,11 +1269,16 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, ptr++; if(*ptr == '{') { - curl_off_t size = curlx_strtoofft(ptr + 1, NULL, 10); - if(size) - Curl_pgrsSetDownloadSize(data, size); + char *endptr; + size = curlx_strtoofft(ptr + 1, &endptr, 10); + if(endptr - ptr > 1 && endptr[0] == '}' && + endptr[1] == '\r' && endptr[2] == '\0') + parsed = TRUE; + } + if(parsed) { infof(data, "Found %" FORMAT_OFF_TU " bytes to download\n", size); + Curl_pgrsSetDownloadSize(data, size); if(pp->cache) { /* At this point there is a bunch of data in the header "cache" that is @@ -1316,9 +1323,11 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, data->req.maxdownload = size; } - else + else { /* We don't know how to parse this line */ + failf(pp->conn->data, "Failed to parse FETCH response."); result = CURLE_FTP_WEIRD_SERVER_REPLY; /* TODO: fix this code */ + } /* End of DO phase */ state(conn, IMAP_STOP); -- cgit v1.2.3