summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorGilles Chehade <gilles@cvs.openbsd.org>2014-10-15 08:04:42 +0000
committerGilles Chehade <gilles@cvs.openbsd.org>2014-10-15 08:04:42 +0000
commitb426c8a2b91df2a0bf95457ed804a5dfc2cdcf42 (patch)
treee5ee1852fe4d91e3498f2756a86a690a9d0c7d5b /usr.sbin
parent4daac913cc6b2cf410c1de81aa09fcc4be25cf95 (diff)
add a (high) limit to the number of header lines we're willing to keep in
memory for rewriting purposes, this will prevent sessions from sending an insanely large number of continuations to a single header and starve us.
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/smtpd/rfc822.c5
-rw-r--r--usr.sbin/smtpd/rfc822.h4
2 files changed, 7 insertions, 2 deletions
diff --git a/usr.sbin/smtpd/rfc822.c b/usr.sbin/smtpd/rfc822.c
index 0eec9a3c28f..8e19f960c35 100644
--- a/usr.sbin/smtpd/rfc822.c
+++ b/usr.sbin/smtpd/rfc822.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rfc822.c,v 1.3 2014/10/15 07:35:09 gilles Exp $ */
+/* $OpenBSD: rfc822.c,v 1.4 2014/10/15 08:04:41 gilles Exp $ */
/*
* Copyright (c) 2014 Gilles Chehade <gilles@poolp.org>
@@ -114,6 +114,7 @@ parse_addresses(struct rfc822_parser *rp, const char *buffer, size_t len)
}
TAILQ_INSERT_TAIL(&rp->addresses, ra, next);
+ rp->count++;
/* do we have more to process ? */
for (; *s; ++s, --len)
@@ -156,5 +157,7 @@ rfc822_parser_reset(struct rfc822_parser *rp)
int
rfc822_parser_feed(struct rfc822_parser *rp, const char *line)
{
+ if (rp->count >= RFC822_MAX_BUFFERS)
+ return -1;
return parse_addresses(rp, line, strlen(line));
}
diff --git a/usr.sbin/smtpd/rfc822.h b/usr.sbin/smtpd/rfc822.h
index 0e602e23d21..aafb3770621 100644
--- a/usr.sbin/smtpd/rfc822.h
+++ b/usr.sbin/smtpd/rfc822.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: rfc822.h,v 1.1 2014/10/12 18:54:31 gilles Exp $ */
+/* $OpenBSD: rfc822.h,v 1.2 2014/10/15 08:04:41 gilles Exp $ */
/*
* Copyright (c) 2014 Gilles Chehade <gilles@poolp.org>
@@ -20,6 +20,7 @@
#define _RFC822_H_
#define RFC822_MAX_LINE_SIZE 998
+#define RFC822_MAX_BUFFERS 1000
struct rfc822_address {
TAILQ_ENTRY(rfc822_address) next;
@@ -28,6 +29,7 @@ struct rfc822_address {
};
struct rfc822_parser {
+ size_t count;
TAILQ_HEAD(addresses, rfc822_address) addresses;
uint8_t quote;