From: Maxim Dounin <mdounin@mdounin.ru>
Date: Wed, 19 May 2021 00:13:26 +0000 (+0300)
Subject: Mail: stricter checking of IMAP tags.
X-Git-Tag: release-1.21.0~13
X-Git-Url: http://www.kaiwu.me/postgresql/commit/?a=commitdiff_plain;h=4617dd64b863df111e33b1b395709f4c2f427350;p=nginx.git

Mail: stricter checking of IMAP tags.

Only "A-Za-z0-9-._" characters now allowed (which is stricter than what
RFC 3501 requires, but expected to be enough for all known clients),
and tags shouldn't be longer than 32 characters.
---

diff --git a/src/mail/ngx_mail_parse.c b/src/mail/ngx_mail_parse.c
index cc5293093..47c9e3a90 100644
--- a/src/mail/ngx_mail_parse.c
+++ b/src/mail/ngx_mail_parse.c
@@ -265,6 +265,17 @@ ngx_mail_imap_parse_command(ngx_mail_session_t *s)
             case LF:
                 s->state = sw_start;
                 return NGX_MAIL_PARSE_INVALID_COMMAND;
+            default:
+                if ((ch < 'A' || ch > 'Z') && (ch < 'a' || ch > 'z')
+                    && (ch < '0' || ch > '9') && ch != '-' && ch != '.'
+                    && ch != '_')
+                {
+                    goto invalid;
+                }
+                if (p - s->buffer->start > 31) {
+                    goto invalid;
+                }
+                break;
             }
             break;