From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Sat, 11 Jun 2016 18:23:07 +0000 (+0300)
Subject: lib-mail: Fixed message_parser_init_from_parts() with truncated MIME headers
X-Git-Tag: 2.2.25.rc1~161
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=90c8dbd884db01107f87ee9a0d23fc39e7fc195f;p=thirdparty%2Fdovecot%2Fcore.git

lib-mail: Fixed message_parser_init_from_parts() with truncated MIME headers
---

diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c
index b31b494e75..20ad102725 100644
--- a/src/lib-mail/message-parser.c
+++ b/src/lib-mail/message-parser.c
@@ -1005,14 +1005,22 @@ static int preparsed_parse_next_header(struct message_parser_ctx *ctx,
 static int preparsed_parse_next_header_init(struct message_parser_ctx *ctx,
 					    struct message_block *block_r)
 {
+	struct istream *hdr_input;
+
 	i_assert(ctx->hdr_parser_ctx == NULL);
 
 	i_assert(ctx->part->physical_pos >= ctx->input->v_offset);
 	i_stream_skip(ctx->input, ctx->part->physical_pos -
 		      ctx->input->v_offset);
 
+	/* the header may become truncated by --boundaries. limit the header
+	   stream's size to what it's supposed to be to avoid duplicating (and
+	   keeping in sync!) all the same complicated logic as in
+	   parse_next_header(). */
+	hdr_input = i_stream_create_limit(ctx->input, ctx->part->header_size.physical_size);
 	ctx->hdr_parser_ctx =
-		message_parse_header_init(ctx->input, NULL, ctx->hdr_flags);
+		message_parse_header_init(hdr_input, NULL, ctx->hdr_flags);
+	i_stream_unref(&hdr_input);
 
 	ctx->parse_next_block = preparsed_parse_next_header;
 	return preparsed_parse_next_header(ctx, block_r);