Timo Sirainen
2012-Jun-19 23:36 UTC
[Dovecot] message parser: Fixed infinite loop when parsing a specific message.
I committed this change to all hg branches: http://hg.dovecot.org/dovecot-2.1/rev/4461b48fcc1f After that I realized that it doesn't actually matter, because it fixes only a situation where input buffer's size is less than 84 bytes. This happened on a test program where I was using a 64 byte buffer, but the real code in Dovecot always uses much larger buffers. So, don't worry, there's no way to actually DOS Dovecot with this. No need for distro people to create any security releases.
Seemingly Similar Threads
- [LLVMdev] Infinite loop parsing opt command line options
- Message parser loops on certain messages (e.g. with a trailing CR character)
- another assertion failure in current 1.1 hg (1.1.3 was working fine) - file message-address.c: line 43 (parse_local_part): assertion failed: (ctx->parser.data != ctx->parser.end)
- [898] branches/wxruby2/wxwidgets_282/swig/classes/App.i: Fix init of stock objects for Wx2.8 - was causing infinite loop +crash on OS X
- Regression in settings-parser.c (dovecot 2.0.11)
Wisdom of the Ancients
