From: Karl Fleischmann <karl.fleischmann@open-xchange.com>
Date: Wed, 1 Mar 2023 13:44:09 +0000 (+0100)
Subject: login-imap, imap: Truncate excessively large IMAP ID parameters in log messages
X-Git-Tag: 2.4.0~2828
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=23f08fc7b16c47dd56bc6e39f6cb69ac795571af;p=thirdparty%2Fdovecot%2Fcore.git

login-imap, imap: Truncate excessively large IMAP ID parameters in log messages
---

diff --git a/src/imap-login/imap-login-cmd-id.c b/src/imap-login/imap-login-cmd-id.c
index 2fabd896cf..1515df7ec3 100644
--- a/src/imap-login/imap-login-cmd-id.c
+++ b/src/imap-login/imap-login-cmd-id.c
@@ -2,6 +2,7 @@
 
 #include "login-common.h"
 #include "str.h"
+#include "str-sanitize.h"
 #include "imap-parser.h"
 #include "imap-quote.h"
 #include "imap-login-settings.h"
@@ -206,7 +207,8 @@ static void cmd_id_finish(struct imap_client *client)
 		    str_len(client->cmd_id->log_reply) > 0) {
 			e_debug(client->cmd_id->params_event,
 				"Pre-login ID sent: %s",
-				str_c(client->cmd_id->log_reply));
+				str_sanitize(str_c(client->cmd_id->log_reply),
+					     IMAP_ID_PARAMS_LOG_MAX_LEN));
 		}
 	}
 
diff --git a/src/imap/cmd-id.c b/src/imap/cmd-id.c
index 808d17cca5..70212d9f46 100644
--- a/src/imap/cmd-id.c
+++ b/src/imap/cmd-id.c
@@ -3,6 +3,7 @@
 #include "imap-common.h"
 #include "imap-id.h"
 #include "str.h"
+#include "str-sanitize.h"
 
 static void
 cmd_id_log_params(const struct imap_arg *args, struct event *event,
@@ -55,7 +56,9 @@ bool cmd_id(struct client_command_context *cmd)
 		string_t *log_reply = str_new(default_pool, 64);
 		cmd_id_log_params(args, event, log_reply);
 		if (str_len(log_reply) > 0)
-			e_debug(event, "ID sent: %s", str_c(log_reply)));
+			e_debug(event, "ID sent: %s",
+				str_sanitize(str_c(log_reply),
+					     IMAP_ID_PARAMS_LOG_MAX_LEN));
 		event_unref(&event);
 		str_free(&log_reply);
 	}
diff --git a/src/lib-imap/imap-id.h b/src/lib-imap/imap-id.h
index 88d15aefe8..ddf73d7cbd 100644
--- a/src/lib-imap/imap-id.h
+++ b/src/lib-imap/imap-id.h
@@ -15,6 +15,8 @@ struct imap_id_log_entry {
 
 /* RFC 2971 says keys are max. 30 octets */
 #define IMAP_ID_KEY_MAX_LEN 30
+/* Truncate excessively large IMAP ID parameters in log lines. */
+#define IMAP_ID_PARAMS_LOG_MAX_LEN 1024
 
 /* Return ID reply based on given settings. */
 const char *imap_id_reply_generate(const char *settings);