| Summary: | Large X-UID mail headers in dovecot break clients | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Issue Tracker <tao> |
| Component: | dovecot | Assignee: | Michal Hlavinka <mhlavink> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.6 | CC: | bhamrick, bughunt, moshiro, ofourdan, tao |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-03-05 14:38:16 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Issue Tracker
2008-05-30 16:27:51 UTC
Unassigning myself from this ticket as tomorrow is my last day at RH.
Below is the patch backported to RHEL4. afaik X-UID headers aren't sent
as part of an email, they're added by the MDA. The workaround mentioned
in the initial problem description removes the X-UID and X-IMAPbase
entries from the mbox. In other words it fixes the problem after it has
already occurred. The patch below may prevent the invalid X-UID headers in
the first place, but we need to be able to reproduce the problem to confirm
this.
diff -urp dovecot-0.99.13/src/lib-index/mbox/mbox-index.c
dovecot-0.99.14/src/lib-index/mbox/mbox-index.c
--- dovecot-0.99.13/src/lib-index/mbox/mbox-index.c 2003-11-09
01:43:17.000000000 +1000
+++ dovecot-0.99.14/src/lib-index/mbox/mbox-index.c 2005-01-19
09:55:49.000000000 +1000
@@ -359,6 +359,11 @@ void mbox_header_cb(struct message_part
break;
ctx->uid = ctx->uid * 10 +
(hdr->value[i]-'0');
}
+ if (ctx->uid >= ctx->index->header->next_uid) {
+ /* unexpectedly large UID field.
+ don't allow it. */
+ ctx->uid = 0;
+ }
} else if (strcasecmp(hdr->name, "X-Status") == 0) {
/* update message flags */
ctx->flags |= mbox_get_status_flags(hdr->value,
This event sent from IssueTracker by mpoole [Support Engineering Group]
issue 146096
I am going to escalate this to BZ with the patch mentioned so that engineering might at least contemplate including it. Note that this will be aligned with 4.8 which likely the last RHEL4 release. Without a concrete reproducer there is every chance this will be rejected. This event sent from IssueTracker by mpoole [Support Engineering Group] issue 146096 Apparently triggered by header like X-UID: 2632762697 *** Bug 429100 has been marked as a duplicate of this bug. *** This request was evaluated by Red Hat Product Management for inclusion, but this component is not scheduled to be updated in the current Red Hat Enterprise Linux release. If you would like this request to be reviewed for the next minor release, ask your support representative to set the next rhel-x.y flag to "?". I'm sorry for not addressing the issue in RHEL-4. As dovecot is not scheduled for update in RHEL-4.9, I'm closing that bugzilla WONTFIX. If you are still experiencing the issue with RHEL-5, feel free to reopen it against RHEL-5. |