Posted to server-dev@james.apache.org by no...@apache.org on 2012/01/27 20:30:24 UTC

svn commit: r1236850 - in /james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty: IMAPServer.java ImapRequestFrameDecoder.java NettyImapRequestLineReader.java

Author: norman
Date: Fri Jan 27 19:30:23 2012
New Revision: 1236850

URL: http://svn.apache.org/viewvc?rev=1236850&view=rev
Log:
Allow limiting the maximum size of a literal for security reasons. The default is unlimited.

Modified:
    james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java
    james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java
    james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java

Modified: james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java
URL: http://svn.apache.org/viewvc/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java?rev=1236850&r1=1236849&r2=1236850&view=diff
==============================================================================
--- james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java (original)
+++ james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java Fri Jan 27 19:30:23 2012
@@ -73,6 +73,9 @@ public class IMAPServer extends Abstract
     
     private int timeout;
     
+    private int literalSizeLimit;
+
+
     // Use a big default
     public final static int DEFAULT_MAX_LINE_LENGTH = 65536;
 
@@ -82,7 +85,8 @@ public class IMAPServer extends Abstract
     // default timeout is 30 seconds
     public final static int DEFAULT_TIMEOUT = 30 * 60;
 
-    
+    public final static int DEFAULT_LITERAL_SIZE_LIMIT = 0;
+
     @Resource(name = "imapDecoder")
     public void setImapDecoder(ImapDecoder decoder) {
         this.decoder = decoder;
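Review bot: `DEFAULT_LITERAL_SIZE_LIMIT = 0` is added without a comment, although the neighbouring constants have one and the value is a sentinel rather than a size. Only the commit log says that 0 means "unlimited", so someone reading the class cannot tell that the protection is off unless configured. I would add `// Maximum size in bytes of a single IMAP literal; 0 (the default) disables the limit` above the constant, and put the same sentence on the `literalSizeLimit` field added in the first hunk.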
@@ -105,6 +109,8 @@ public class IMAPServer extends Abstract
         compress = configuration.getBoolean("compress", false);
         maxLineLength = configuration.getInt("maxLineLength", DEFAULT_MAX_LINE_LENGTH);
         inMemorySizeLimit = configuration.getInt("inMemorySizeLimit", DEFAULT_IN_MEMORY_SIZE_LIMIT);
+        literalSizeLimit = configuration.getInt("literalSizeLimit", DEFAULT_LITERAL_SIZE_LIMIT);
+
         plainAuthDisallowed = configuration.getBoolean("plainAuthDisallowed", false);
         timeout = configuration.getInt("timeout", DEFAULT_TIMEOUT);
         if (timeout < DEFAULT_TIMEOUT) {
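Review bot: `literalSizeLimit` is taken from `configuration.getInt("literalSizeLimit", ...)` with no range check, and the reader added in this commit only enforces it when the value is `> 0`. A negative or mistyped value therefore silently leaves literals unbounded, which is the fail-open direction for a setting introduced for security reasons. I would validate it right after the read, with a guard such as `if (literalSizeLimit < 0) {` that fails configuration with a message naming the key, using whichever exception this method already declares. The method's signature and the rest of its body are outside the hunk, so the exact exception type needs to be confirmed there.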
@@ -169,7 +175,7 @@ public class IMAPServer extends Abstract
                     pipeline.addLast(EXECUTION_HANDLER, ehandler);
 
                 }
-                pipeline.addLast(REQUEST_DECODER, new ImapRequestFrameDecoder(decoder, inMemorySizeLimit));
+                pipeline.addLast(REQUEST_DECODER, new ImapRequestFrameDecoder(decoder, inMemorySizeLimit, literalSizeLimit));
 
                 pipeline.addLast(CORE_HANDLER, createCoreHandler());
                 return pipeline;

Modified: james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java
URL: http://svn.apache.org/viewvc/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java?rev=1236850&r1=1236849&r2=1236850&view=diff
==============================================================================
--- james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java (original)
+++ james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java Fri Jan 27 19:30:23 2012
@@ -50,13 +50,15 @@ public class ImapRequestFrameDecoder ext
 
     private final ImapDecoder decoder;
     private final int inMemorySizeLimit;
+    private final int literalSizeLimit;
     private final static String NEEDED_DATA = "NEEDED_DATA";
     private final static String STORED_DATA = "STORED_DATA";
     private final static String WRITTEN_DATA = "WRITTEN_DATA";
 
-    public ImapRequestFrameDecoder(ImapDecoder decoder, int inMemorySizeLimit) {
+    public ImapRequestFrameDecoder(ImapDecoder decoder, int inMemorySizeLimit, int literalSizeLimit) {
         this.decoder = decoder;
         this.inMemorySizeLimit = inMemorySizeLimit;
+        this.literalSizeLimit = literalSizeLimit;
     }
 
     @Override
@@ -152,10 +154,10 @@ public class ImapRequestFrameDecoder ext
 
             } else {
 
-                reader = new NettyImapRequestLineReader(channel, buffer, retry);
+                reader = new NettyImapRequestLineReader(channel, buffer, retry, literalSizeLimit);
             }
         } else {
-            reader = new NettyImapRequestLineReader(channel, buffer, retry);
+            reader = new NettyImapRequestLineReader(channel, buffer, retry, literalSizeLimit);
         }
 
         ImapSession session = (ImapSession) attributes.get(channel);

Modified: james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java
URL: http://svn.apache.org/viewvc/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java?rev=1236850&r1=1236849&r2=1236850&view=diff
==============================================================================
--- james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java (original)
+++ james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java Fri Jan 27 19:30:23 2012
@@ -22,6 +22,7 @@ package org.apache.james.imapserver.nett
 import java.io.InputStream;
 
 import org.apache.commons.io.input.BoundedInputStream;
+import org.apache.james.imap.api.display.HumanReadableText;
 import org.apache.james.imap.decode.DecodingException;
 import org.apache.james.imap.decode.ImapRequestLineReader;
 import org.apache.james.imap.decode.base.EolInputStream;
@@ -39,12 +40,14 @@ public class NettyImapRequestLineReader 
 
     private ChannelBuffer buffer;
     private int read = 0;
+    private final int maxLiteralSize;
 
-    public NettyImapRequestLineReader(Channel channel, ChannelBuffer buffer, boolean retry) {
+    public NettyImapRequestLineReader(Channel channel, ChannelBuffer buffer, boolean retry, int maxLiteralSize) {
         super(channel, retry);
         this.buffer = buffer;
-
+        this.maxLiteralSize  = maxLiteralSize;
     }
+    
 
     /**
      * Return the next char to read. This will return the same char on every
@@ -80,6 +83,10 @@ public class NettyImapRequestLineReader 
         if (extraCRLF) {
             crlf = 2;
         }
+        
+        if (maxLiteralSize > 0 && maxLiteralSize > size) {
+            throw new DecodingException(HumanReadableText.FAILED, "Specified literal is greater then the allowed size");
+        }
         // Check if we have enough data
         if (size + crlf > buffer.readableBytes()) {
             // ok let us throw a exception which till the decoder how many more
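Review bot: The comparison in the new guard is inverted: `maxLiteralSize > size` throws when the literal is smaller than the configured limit and lets through every literal at or above it. With a limit set, ordinary small literals are rejected while the oversized ones the limit is meant to stop still reach the buffering path. The condition should be `if (maxLiteralSize > 0 && size > maxLiteralSize) {`, and the message has a typo ("greater then" should be "greater than"). A unit test at limit - 1, limit and limit + 1 would pin the boundary. The enclosing method starts and ends outside the hunk, so the declared type of `size` and whether `size + crlf` can overflow for very large announced sizes should be checked there.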


