]> git.ipfire.org Git - thirdparty/dovecot/core.git/commit
projects / thirdparty / dovecot / core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fd3d65c) | patch
lib-sasl: Enforce absolute limit on SASL message size for both client and server
authorStephan Bosch <stephan.bosch@open-xchange.com>
Tue, 28 Oct 2025 13:35:06 +0000 (14:35 +0100)
committeraki.tuomi <aki.tuomi@open-xchange.com>
Fri, 31 Oct 2025 19:57:35 +0000 (19:57 +0000)
commit8a1b145d4b9d163351c463c734f8242f1d1ca7b7
tree8f3211a3d0069a3e424c5c7113cf7b2195cc5387tree | snapshot
parentfd3d65c65c778cf0a2fba6487c8d0eb30b6780b7commit | diff
lib-sasl: Enforce absolute limit on SASL message size for both client and server

This is a second layer of defence against abuse. The real limit enforced by the
auth service can be (is) smaller. Additionally, these limits will make sure the
fuzzer does not time out.

OSS-Fuzz report: 455796070
src/lib-auth-client/auth-client-interface.h diff | blob | blame | history
src/lib-sasl/dsasl-client.c diff | blob | blame | history
src/lib-sasl/sasl-common.h diff | blob | blame | history
src/lib-sasl/sasl-server-request.c diff | blob | blame | history
Mirror of https://github.com/dovecot/core.git