count single \r or \n as \r\n while checking line length against MAXHEADERSIZE
Florian Schlichting
fschlich at CIS.FU-Berlin.DE
Wed Sep 15 15:28:00 UTC 2010
Hi Julien,
On Tue, Aug 03, 2010 at 10:31:07PM +0200, Julien ÉLIE wrote:
> >I think the question should be, do we really need to reject articles
> >whose header line length exceeds 998 bytes?
>
> We could accept them.
>
> RFC 5536:
>
> o Compliant software MUST NOT generate (but MAY accept) header field
> lines of more than 998 octets.
>
>
>
> >My patch made innd a little more permissive to accommodate for existing
> >articles created by broken clients. If innd really can handle header and
> >body lines of arbitrary length, we might consider dropping that kind of
> >check altogether (for innd, not for nnrpd of course). But since there
> >doesn't seem to be an actual need for this, we might rather leave things
> >as they are and thus prevent the eventual propagation of extraordinarily
> >broken articles and the bugs they might trigger in less robust servers
> >and clients.
>
> I also agree with you. Let's keep the check for the time being.
I'm having second thoughts on this issue. Today I noticed that 20-30
articles get rejected every day due to References: headers longer than
998 bytes (but almost always shorter than 1024 bytes) - current innd has
become more restrictive than most software in productive use! That's not good.
Perhaps we should in fact abolish the check or
test against a larger size (BIG_BUFFER?) if we don't want to accept
anything?
Unfortunately, nnrpd currently relies on innd to check header line
length. So I've tried to implement the check in nnrpd, but I think the
error handling looks ugly...
What do you think?
Florian
--- a/nnrpd/post.c
+++ b/nnrpd/post.c
@@ -164,12 +164,21 @@ TrimSpaces(char *p)
static char *
NextHeader(char *p)
{
- for ( ; (p = strchr(p, '\n')) != NULL; p++) {
+ char *q;
+
+ for (q = p; (p = strchr(p, '\n')) != NULL; p++) {
+ if (p - q > MAXARTLINELENGTH) {
+ strlcpy(Error, "Header line too long",
+ sizeof(Error));
+ return NULL;
+ }
if (ISWHITE(p[1]))
continue;
*p = '\0';
return p + 1;
}
+ strlcpy(Error, "Article has no body -- just headers",
+ sizeof(Error));
return NULL;
}
@@ -226,8 +235,7 @@ StripOffHeaders(char *article)
/* Get start of next header; if it's a blank line, we hit the end. */
if ((p = NextHeader(p)) == NULL) {
- strlcpy(Error, "Article has no body -- just headers",
- sizeof(Error));
+ /* Error set in NextHeader() */
return NULL;
}
if (*p == '\n')
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5557 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/inn-workers/attachments/20100915/50dc5abf/attachment.bin>
More information about the inn-workers
mailing list