From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Fri, 24 Sep 2021 13:27:40 +0000 (+0300)
Subject: lib-index: Add and use mail_index_ext_name_is_valid()
X-Git-Tag: 2.3.18~265
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=05e570be12ae6b917277e36c56168d15954e5e3e;p=thirdparty%2Fdovecot%2Fcore.git

lib-index: Add and use mail_index_ext_name_is_valid()

Use it in mail_index_ext_register() instead of the more relaxed
str_sanitize() check.
---

diff --git a/src/lib-index/mail-index-private.h b/src/lib-index/mail-index-private.h
index 1384f13439..7efaf6bf5d 100644
--- a/src/lib-index/mail-index-private.h
+++ b/src/lib-index/mail-index-private.h
@@ -41,6 +41,7 @@ struct mail_index_sync_map_ctx;
 	 (u)->modseq_inc_flag == 0)
 
 #define MAIL_INDEX_EXT_KEYWORDS "keywords"
+#define MAIL_INDEX_EXT_NAME_MAX_LENGTH 64
 
 typedef int mail_index_expunge_handler_t(struct mail_index_sync_map_ctx *ctx,
 					 const void *data, void **sync_context);
@@ -367,6 +368,7 @@ void mail_index_fchown(struct mail_index *index, int fd, const char *path);
 
 bool mail_index_map_lookup_ext(struct mail_index_map *map, const char *name,
 			       uint32_t *idx_r);
+bool mail_index_ext_name_is_valid(const char *name);
 uint32_t
 mail_index_map_register_ext(struct mail_index_map *map,
 			    const char *name, uint32_t ext_offset,
diff --git a/src/lib-index/mail-index.c b/src/lib-index/mail-index.c
index 9796c394be..8f89309cf5 100644
--- a/src/lib-index/mail-index.c
+++ b/src/lib-index/mail-index.c
@@ -24,6 +24,7 @@
 #include <stddef.h>
 #include <time.h>
 #include <sys/stat.h>
+#include <ctype.h>
 
 struct mail_index_module_register mail_index_module_register = { 0 };
 
@@ -244,6 +245,19 @@ void mail_index_set_ext_init_data(struct mail_index *index, uint32_t ext_id,
 	memcpy(index->set.ext_hdr_init_data, data, size);
 }
 
+bool mail_index_ext_name_is_valid(const char *name)
+{
+	size_t i;
+
+	for (i = 0; name[i] != '\0'; i++) {
+		if (!i_isalnum(name[i]) && name[i] != '-' && name[i] != '_' &&
+		    name[i] != ' ')
+			return FALSE;
+
+	}
+	return i == 0 || i < MAIL_INDEX_EXT_NAME_MAX_LENGTH;
+}
+
 uint32_t mail_index_ext_register(struct mail_index *index, const char *name,
 				 uint32_t default_hdr_size,
 				 uint16_t default_record_size,
@@ -252,7 +266,7 @@ uint32_t mail_index_ext_register(struct mail_index *index, const char *name,
 	struct mail_index_registered_ext rext;
 	uint32_t ext_id;
 
-	if (*name == '\0' || strcmp(name, str_sanitize(name, SIZE_MAX)) != 0)
+	if (!mail_index_ext_name_is_valid(name))
 		i_panic("mail_index_ext_register(%s): Invalid name", name);
 
 	if (default_record_size != 0 && default_record_align == 0) {