imap-hibernate: Fix "DONE" handling.

1. If only "DONE\r\n" was sent, it randomly failed with BAD because of
out-of-bounds buffer read.

2. If "DONE\r\n" was followed by a command tag but no space afterwards, we
kept waiting for the input to continue. But since the DONE was already sent,
we should break the IDLE already at that point without any further waiting.

diff --git a/src/imap-hibernate/imap-client.c b/src/imap-hibernate/imap-client.c
index c53e5d3eec1127c48dd0360465a3f0ff7cc5e827..bda80f99f67fbcaff5aace0f9140abdf6e46ab44 100644 (file)
--- a/src/imap-hibernate/imap-client.c
+++ b/src/imap-hibernate/imap-client.c
@@ -278,6 +278,8 @@ imap_client_input_parse(const unsigned char *data, size_t size, const char **tag
        if (data[0] != '\n')
                return IMAP_CLIENT_INPUT_STATE_BAD;
        data++; size--;
+       if (size == 0)
+               return state;
 
        tag_start = data;
 
@@ -289,7 +291,7 @@ imap_client_input_parse(const unsigned char *data, size_t size, const char **tag
        tag_end = data;
 
        if (size == 0)
-               return IMAP_CLIENT_INPUT_STATE_UNKNOWN;
+               return state;
        if (data[0] != ' ')
                return IMAP_CLIENT_INPUT_STATE_BAD;
        data++; size--;