From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Mon, 17 Apr 2023 13:14:24 +0000 (+0300)
Subject: login-common: Fail proxying if local_name is invalid
X-Git-Tag: 2.4.0~2136
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cbc6155f5bc5b1c74beac508ac194a40feccbe65;p=thirdparty%2Fdovecot%2Fcore.git

login-common: Fail proxying if local_name is invalid

This is safeguard against sending malformed data that could
lead to unexpected override of fields in remote end.
---

diff --git a/src/login-common/login-proxy.c b/src/login-common/login-proxy.c
index 1f0b8f7b4c..13aa8464d4 100644
--- a/src/login-common/login-proxy.c
+++ b/src/login-common/login-proxy.c
@@ -1,6 +1,7 @@
 /* Copyright (c) 2004-2018 Dovecot authors, see the included COPYING file */
 
 #include "login-common.h"
+#include "connection.h"
 #include "ioloop.h"
 #include "istream.h"
 #include "ostream.h"
@@ -383,6 +384,14 @@ static int login_proxy_connect(struct login_proxy *proxy)
 	proxy->num_waiting_connections_updated = FALSE;
 	rec->num_waiting_connections++;
 
+	if (proxy->client->local_name != NULL &&
+	    !connection_is_valid_dns_name(proxy->client->local_name)) {
+		login_proxy_failed(proxy, proxy->event,
+				   LOGIN_PROXY_FAILURE_TYPE_INTERNAL,
+				   "[BUG] Invalid local_name!");
+		return -1;
+	}
+
 	if (proxy->client->proxy_ttl <= 1) {
 		login_proxy_failed(proxy, proxy->event,
 			LOGIN_PROXY_FAILURE_TYPE_REMOTE_CONFIG,