From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Fri, 4 Oct 2019 18:47:35 +0000 (+0200)
Subject: lib-smtp: smtp-command-parser - Accept valid UTF-8 characters for command parameters.
X-Git-Tag: 2.3.9~120
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8f08f1944be438a2422b604c08e5060b5c7bd72f;p=thirdparty%2Fdovecot%2Fcore.git

lib-smtp: smtp-command-parser - Accept valid UTF-8 characters for command parameters.
---

diff --git a/src/lib-smtp/smtp-command-parser.c b/src/lib-smtp/smtp-command-parser.c
index c8b09c8d4e..4fd6bd59e9 100644
--- a/src/lib-smtp/smtp-command-parser.c
+++ b/src/lib-smtp/smtp-command-parser.c
@@ -1,6 +1,7 @@
 /* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */
 
 #include "lib.h"
+#include "unichar.h"
 #include "istream.h"
 #include "istream-failure-at.h"
 #include "istream-sized.h"
@@ -169,12 +170,31 @@ static int smtp_command_parse_parameters(struct smtp_command_parser *parser)
 		parser->limits.max_auth_size :
 		parser->limits.max_parameters_size);
 
-	/* We assume parameters to match textstr
-	   => HT, SP, Printable US-ASCII
+	/* We assume parameters to match textstr (HT, SP, Printable US-ASCII).
+	   For command parameters, we also accept valid UTF-8 characters.
 	 */
 	p = parser->cur + parser->state.poff;
-	while (p < parser->end && smtp_char_is_textstr(*p))
-		p++;
+	while (p < parser->end) {
+		unichar_t ch;
+		int nch = 1;
+
+		if (parser->auth_response)
+			ch = *p;
+		else {
+			nch = uni_utf8_get_char_n(p, (size_t)(p - parser->end),
+						  &ch);
+		}
+		if (nch < 0) {
+			smtp_command_parser_error(parser,
+				SMTP_COMMAND_PARSE_ERROR_BAD_COMMAND,
+				"Invalid UTF-8 character in command parameters");
+			return -1;
+		}
+		if ((parser->auth_response || (ch & 0x80) == 0x00) &&
+		    !smtp_char_is_textstr((unsigned char)ch))
+			break;
+		p += nch;
+	}
 	if (max_size > 0 && (uoff_t)(p - parser->cur) > max_size) {
 		smtp_command_parser_error(parser,
 			SMTP_COMMAND_PARSE_ERROR_LINE_TOO_LONG,
diff --git a/src/lib-smtp/test-smtp-command-parser.c b/src/lib-smtp/test-smtp-command-parser.c
index 71ef1a2315..304409cff3 100644
--- a/src/lib-smtp/test-smtp-command-parser.c
+++ b/src/lib-smtp/test-smtp-command-parser.c
@@ -56,6 +56,10 @@ valid_command_parse_tests[] = {
 		.limits = { .max_parameters_size = 39 },
 		.cmd_name = "RCPT",
 		.cmd_params = "TO:<recipient@example.com> NOTIFY=NEVER"
+	}, {
+		.command = "MAIL FROM:<f\xc3\xb6\xc3\xa4@\xc3\xb6\xc3\xa4>\r\n",
+		.cmd_name = "MAIL",
+		.cmd_params = "FROM:<f\xc3\xb6\xc3\xa4@\xc3\xb6\xc3\xa4>"
 	}
 };
 
@@ -271,6 +275,9 @@ static const struct smtp_auth_response_parse_invalid_test
 			"B2ZXJ5IHZlcnkgdmVyeSBsb25nIEJhc2U2NCB0ZXN0\r\n",
 		.limits = { .max_auth_size = 83 },
 		.error_code = SMTP_COMMAND_PARSE_ERROR_LINE_TOO_LONG
+	}, {
+		.auth_response = "\xc3\xb6\xc3\xa4\xc3\xb6\xc3\xa4\r\n",
+		.error_code = SMTP_COMMAND_PARSE_ERROR_BAD_COMMAND,
 	}
 };