INN commit: branches/2.5/lib (getmodaddr.c)
INN Commit
rra at isc.org
Fri Oct 29 22:39:50 UTC 2010
Date: Friday, October 29, 2010 @ 15:39:50
Author: iulius
Revision: 9144
Before passing the submission template to snprintf(), check
that it is valid: each "%" must be followed by either another
"%" or an "s", and "%s" may appear only once.
Modified:
branches/2.5/lib/getmodaddr.c
--------------+
getmodaddr.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 54 insertions(+), 4 deletions(-)
Modified: getmodaddr.c
===================================================================
--- getmodaddr.c 2010-10-29 22:39:13 UTC (rev 9143)
+++ getmodaddr.c 2010-10-29 22:39:50 UTC (rev 9144)
@@ -91,6 +91,48 @@
}
/*
+** Check if the argument is a valid submission template according to RFC 6048.
+** At least, make sure it does not contain "%" except as part of "%s" or "%%",
+** and that only one occurrence of "%s" exists, if any.
+*/
+static bool
+IsValidSubmissionTemplate(const char *string)
+{
+ bool found = false;
+ const char *p;
+
+ /* Not NULL. */
+ if (string == NULL)
+ return false;
+
+ p = string;
+
+ while ((p = strchr(p, '%')) != NULL) {
+ /* Look at the next character. */
+ p++;
+
+ /* Skip "%%". */
+ if (*p == '%') {
+ p++;
+ continue;
+ }
+
+ /* Invalid template if not "%s". */
+ if (*p != 's')
+ return false;
+
+ /* Invalid template if another "%s". */
+ if (found)
+ return false;
+
+ found = true;
+ }
+
+ return true;
+}
+
+
+/*
** Read the moderators file, looking for a moderator.
*/
char *
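Review bot: The header comment on IsValidSubmissionTemplate() does not say which edge cases pass, which matters because the result gates a string that is later handed to snprintf() as a format. From the code, a template with no "%s" at all is accepted, while NULL, a trailing lone "%", and any flag or width form such as "%10s" are rejected. I would add to the comment: `** Returns true when no "%s" is present; returns false for NULL, a trailing "%", or any flag/width such as "%10s".` The hunk ends inside the header of the next function, whose body is not visible here.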
@@ -158,12 +200,14 @@
for (p = name; *p; p++)
if (*p == '.')
*p = '-';
- snprintf(address, sizeof(address), save, name);
- break;
+ if (IsValidSubmissionTemplate(save)) {
+ snprintf(address, sizeof(address), save, name);
+ break;
+ }
}
}
- GMAclose();
+ GMAclose();
if (address[0])
return address;
}
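Review bot: The return value of `snprintf(address, sizeof(address), save, name)` is still ignored, so a template plus group name longer than the buffer produces a silently truncated address; the same applies to the call in the hunk at -175. With the conversions now limited to a single "%s", a length check is the remaining gap: `n = snprintf(address, sizeof(address), save, name); if (n < 0 || (size_t) n >= sizeof(address)) address[0] = '\0';` with an `int n` declared in the function. The declaration of address and the start of the loop are outside this hunk, so the buffer size and the appropriate recovery should be confirmed there.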
@@ -175,6 +219,12 @@
for (p = name; *p; p++)
if (*p == '.')
*p = '-';
- snprintf(address, sizeof(address), save, name);
+
+ if (IsValidSubmissionTemplate(save)) {
+ snprintf(address, sizeof(address), save, name);
+ } else {
+ return NULL;
+ }
+
return address;
}
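Review bot: The else branch returns NULL with no diagnostic, so a rejected template cannot be told apart from any other condition that makes this function return NULL, and the loop in the previous hunk skips a rejected entry just as quietly. A warning through whatever logging facility this library already uses would make a malformed or tampered moderators entry visible to the operator. As a style point, the if/else reads more directly as a guard, `if (!IsValidSubmissionTemplate(save)) return NULL;`, followed by the unconditional snprintf(). The function begins outside this hunk.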