]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 16c5905)
lib-dcrypt: istream-decrypt - set stream_errno=EPIPE on unexpected EOF
authorTimo Sirainen <timo.sirainen@dovecot.fi>
Fri, 23 Dec 2016 18:17:06 +0000 (13:17 -0500)
committerGitLab <gitlab@git.dovecot.net>
Wed, 11 Jan 2017 21:10:31 +0000 (23:10 +0200)
src/lib-dcrypt/istream-decrypt.c patch | blob | blame | history

diff --git a/src/lib-dcrypt/istream-decrypt.c b/src/lib-dcrypt/istream-decrypt.c
index c21e02aab47acfee1afd7066b6834d11c75565f1..d9759698bef5a0ffe38d6fb515c8ac517055668e 100644 (file)
--- a/src/lib-dcrypt/istream-decrypt.c
+++ b/src/lib-dcrypt/istream-decrypt.c
@@ -85,11 +85,11 @@ ssize_t i_stream_decrypt_read_header_v1(struct decrypt_istream *stream,
        while (i < 4 && mlen > 2) {
                memcpy(&len, data, 2);
                len = ntohs(len);
+               if (len == 0 || len > mlen-2)
+                       break;
                data += 2;
                mlen -= 2;
                pos += 2;
-               if (len == 0 || len > mlen)
-                       break;
 
                switch(i++) {
                case 0:
@@ -118,7 +118,9 @@ ssize_t i_stream_decrypt_read_header_v1(struct decrypt_istream *stream,
 
        if (i < 4) {
                io_stream_set_error(&stream->istream.iostream, "Invalid or corrupted header");
-               stream->istream.istream.stream_errno = EINVAL;
+               /* was it consumed? */
+               stream->istream.istream.stream_errno =
+                       mlen > 2 ? EINVAL : EPIPE;
                return -1;
        }
 
@@ -609,7 +611,7 @@ ssize_t i_stream_decrypt_read_header(struct decrypt_istream *stream,
                return -1;
        else if (ret == 0) {
                io_stream_set_error(&stream->istream.iostream, "Decryption error: truncate header length");
-               stream->istream.istream.stream_errno = EINVAL;
+               stream->istream.istream.stream_errno = EPIPE;
                return -1;
        }
        stream->initialized = TRUE;
@@ -702,7 +704,7 @@ i_stream_decrypt_read(struct istream_private *stream)
                                io_stream_set_error(&stream->iostream,
                                        "Decryption error: %s",
                                        "Input truncated in decryption header");
-                               stream->istream.stream_errno = EINVAL;
+                               stream->istream.stream_errno = EPIPE;
                                return -1;
                        }
 
@@ -731,7 +733,7 @@ i_stream_decrypt_read(struct istream_private *stream)
 
                                if (hret == 0 && stream->parent->eof) {
                                        /* not encrypted by us */
-                                       stream->istream.stream_errno = EINVAL;
+                                       stream->istream.stream_errno = EPIPE;
                                        io_stream_set_error(&stream->iostream,
                                                "Truncated header");
                                        return -1;
Mirror of https://github.com/dovecot/core.git