INN commit: trunk (doc/pod/news.pod frontends/inews.c)

INN Commit rra at isc.org
Tue Jul 11 19:31:17 UTC 2017


    Date: Tuesday, July 11, 2017 @ 12:31:17
  Author: iulius
Revision: 10161

inews: fix the check of header field length

The limitation of 998 bytes is for the length of a single line of a
header field, not for the whole header field.

Also, use MED_BUFFER instead of HEADER_STRLEN in places where
a mere buffer was expected, not related to header length.

Modified:
  trunk/doc/pod/news.pod
  trunk/frontends/inews.c

-------------------+
 doc/pod/news.pod  |    7 +++++++
 frontends/inews.c |   39 ++++++++++++++++++++-------------------
 2 files changed, 27 insertions(+), 19 deletions(-)

Modified: doc/pod/news.pod
===================================================================
--- doc/pod/news.pod	2017-07-11 19:26:55 UTC (rev 10160)
+++ doc/pod/news.pod	2017-07-11 19:31:17 UTC (rev 10161)
@@ -23,6 +23,13 @@
 
 =item *
 
+Fixed a bug in B<inews> that was rejecting articles containing header
+fields whose length exceeded 998 bytes.  This limitation is for the
+length of a single line of a header field, not for the whole header
+field.
+
+=item *
+
 A few commands listed in the "Control commands to INND" section in
 daily Usenet reports were appearing as a mere letter; all of them are
 now properly converted to meaningful words.

Modified: frontends/inews.c
===================================================================
--- frontends/inews.c	2017-07-11 19:26:55 UTC (rev 10160)
+++ frontends/inews.c	2017-07-11 19:31:17 UTC (rev 10161)
@@ -34,7 +34,6 @@
 #define HEADER_DELTA		20
 #define GECOSTERM(c)		\
 	    ((c) == ',' || (c) == ';' || (c) == ':' || (c) == LPAREN)
-#define HEADER_STRLEN		998
 
 typedef enum _HEADERTYPE {
     HTobs,
@@ -124,7 +123,7 @@
 static void
 QuitServer(int x)
 {
-    char	buff[HEADER_STRLEN];
+    char	buff[MED_BUFFER];
     char	*p;
 
     if (Spooling)
@@ -198,13 +197,22 @@
 static char *
 NextHeader(char *p)
 {
-    for ( ; ; p++) {
-	if ((p = strchr(p, '\n')) == NULL)
+    char *q;
+    for (q = p; ; p++) {
+        if ((p = strchr(p, '\n')) == NULL) {
             die("article is all headers");
-	if (!ISWHITE(p[1])) {
-	    *p = '\0';
-	    return p + 1;
-	}
+        }
+        /* Check the maximum length of a single line. */
+        if (p - q + 1 > MAXARTLINELENGTH) {
+            die("header line too long");
+        }
+        /* Check if there is a continuation line for the header. */
+        if (ISWHITE(p[1])) {
+            q = p + 1;
+            continue;
+        }
+        *p = '\0';
+        return p + 1;
     }
 }
 
@@ -798,7 +806,7 @@
 {
     fprintf(ToServer, "post\r\n");
     SafeFlush(ToServer);
-    if (fgets(buff, HEADER_STRLEN, FromServer) == NULL)
+    if (fgets(buff, MED_BUFFER, FromServer) == NULL)
         sysdie(Authorized ? "Can't offer article to server (authorized)"
                           : "Can't offer article to server");
     return atoi(buff);
@@ -868,8 +876,8 @@
     struct passwd	*pwp;
     char		*article;
     char		*deadfile;
-    char		buff[HEADER_STRLEN];
-    char		SpoolMessage[HEADER_STRLEN];
+    char		buff[MED_BUFFER];
+    char		SpoolMessage[MED_BUFFER];
     bool		DoSignature;
     bool		AddOrg;
     size_t		Length;
@@ -989,7 +997,7 @@
 	setbuf(ToServer, xmalloc(BUFSIZ));
 	fprintf(ToServer, "mode reader\r\n");
 	SafeFlush(ToServer);
-	if (fgets(buff, HEADER_STRLEN, FromServer) == NULL)
+	if (fgets(buff, MED_BUFFER, FromServer) == NULL)
             sysdie("cannot tell server we're reading");
 	if ((j = atoi(buff)) != NNTP_ERR_COMMAND)
 	    i = j;
@@ -1026,13 +1034,6 @@
     /* Do final checks. */
     if (i == 0 && HDR(_control) == NULL)
         die("article is empty");
-    for (hp = Table; hp < ARRAY_END(Table); hp++)
-	if (hp->Value && (int)strlen(hp->Value) + hp->Size > HEADER_STRLEN)
-            die("%s header is too long", hp->Name);
-    for (i = 0; i < OtherCount; i++)
-	if ((int)strlen(OtherHeaders[i]) > HEADER_STRLEN)
-            die("header too long (maximum length is %d): %.40s...",
-                HEADER_STRLEN, OtherHeaders[i]);
 
     if (Dump) {
 	/* Write the headers and a blank line. */



More information about the inn-committers mailing list