From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Tue, 10 Dec 2024 14:45:12 +0000 (+0100)
Subject: lib-smtp: smtp-command-parser - Explicitly disallow 8-bit characters for AUTH response
X-Git-Tag: 2.4.0~1395
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=caf7ee9fe58e2f4bb1c07502b92bbf52e2fbebd7;p=thirdparty%2Fdovecot%2Fcore.git

lib-smtp: smtp-command-parser - Explicitly disallow 8-bit characters for AUTH response

Later Base64 parsing would catch that, but command parser errors become clearer
when this is caught early. Also, this fixes a unit test failure when
experimental SMTPUTF8 support is enabled.

When SMTPUTF8 support is disabled, smtp_char_is_textstr() disallows 8-bit
implicitly, but when SMTPUTF8 is enabled 8-bit octets will be let through.
This caused the invalidity unit test to fail.
---

diff --git a/src/lib-smtp/smtp-command-parser.c b/src/lib-smtp/smtp-command-parser.c
index 63ae244d46..abfdb4cc4b 100644
--- a/src/lib-smtp/smtp-command-parser.c
+++ b/src/lib-smtp/smtp-command-parser.c
@@ -211,9 +211,11 @@ static int smtp_command_parse_parameters(struct smtp_command_parser *parser)
 	while (p < parser->end) {
 		unichar_t ch;
 
-		if (parser->auth_response)
+		if (parser->auth_response) {
+			if ((*p & 0x80) != 0x00)
+				break;
 			ch = *p;
-		else {
+		} else {
 			nch = uni_utf8_get_char_n(p, (size_t)(parser->end - p),
 						  &ch);
 		}