You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by no...@apache.org on 2012/01/27 20:30:24 UTC
svn commit: r1236850 - in
/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty:
IMAPServer.java ImapRequestFrameDecoder.java NettyImapRequestLineReader.java
Author: norman
Date: Fri Jan 27 19:30:23 2012
New Revision: 1236850
URL: http://svn.apache.org/viewvc?rev=1236850&view=rev
Log:
Allow to limit the max size of a literal for security reasons. Default is unlimited
Modified:
james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java
james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java
james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java
Modified: james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java
URL: http://svn.apache.org/viewvc/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java?rev=1236850&r1=1236849&r2=1236850&view=diff
==============================================================================
--- james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java (original)
+++ james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/IMAPServer.java Fri Jan 27 19:30:23 2012
@@ -73,6 +73,9 @@ public class IMAPServer extends Abstract
private int timeout;
+ private int literalSizeLimit;
+
+
// Use a big default
public final static int DEFAULT_MAX_LINE_LENGTH = 65536;
@@ -82,7 +85,8 @@ public class IMAPServer extends Abstract
// default timeout is 30 seconds
public final static int DEFAULT_TIMEOUT = 30 * 60;
-
+ public final static int DEFAULT_LITERAL_SIZE_LIMIT = 0;
+
@Resource(name = "imapDecoder")
public void setImapDecoder(ImapDecoder decoder) {
this.decoder = decoder;
@@ -105,6 +109,8 @@ public class IMAPServer extends Abstract
compress = configuration.getBoolean("compress", false);
maxLineLength = configuration.getInt("maxLineLength", DEFAULT_MAX_LINE_LENGTH);
inMemorySizeLimit = configuration.getInt("inMemorySizeLimit", DEFAULT_IN_MEMORY_SIZE_LIMIT);
+ literalSizeLimit = configuration.getInt("literalSizeLimit", DEFAULT_LITERAL_SIZE_LIMIT);
+
plainAuthDisallowed = configuration.getBoolean("plainAuthDisallowed", false);
timeout = configuration.getInt("timeout", DEFAULT_TIMEOUT);
if (timeout < DEFAULT_TIMEOUT) {
@@ -169,7 +175,7 @@ public class IMAPServer extends Abstract
pipeline.addLast(EXECUTION_HANDLER, ehandler);
}
- pipeline.addLast(REQUEST_DECODER, new ImapRequestFrameDecoder(decoder, inMemorySizeLimit));
+ pipeline.addLast(REQUEST_DECODER, new ImapRequestFrameDecoder(decoder, inMemorySizeLimit, literalSizeLimit));
pipeline.addLast(CORE_HANDLER, createCoreHandler());
return pipeline;
Modified: james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java
URL: http://svn.apache.org/viewvc/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java?rev=1236850&r1=1236849&r2=1236850&view=diff
==============================================================================
--- james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java (original)
+++ james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/ImapRequestFrameDecoder.java Fri Jan 27 19:30:23 2012
@@ -50,13 +50,15 @@ public class ImapRequestFrameDecoder ext
private final ImapDecoder decoder;
private final int inMemorySizeLimit;
+ private final int literalSizeLimit;
private final static String NEEDED_DATA = "NEEDED_DATA";
private final static String STORED_DATA = "STORED_DATA";
private final static String WRITTEN_DATA = "WRITTEN_DATA";
- public ImapRequestFrameDecoder(ImapDecoder decoder, int inMemorySizeLimit) {
+ public ImapRequestFrameDecoder(ImapDecoder decoder, int inMemorySizeLimit, int literalSizeLimit) {
this.decoder = decoder;
this.inMemorySizeLimit = inMemorySizeLimit;
+ this.literalSizeLimit = literalSizeLimit;
}
@Override
@@ -152,10 +154,10 @@ public class ImapRequestFrameDecoder ext
} else {
- reader = new NettyImapRequestLineReader(channel, buffer, retry);
+ reader = new NettyImapRequestLineReader(channel, buffer, retry, literalSizeLimit);
}
} else {
- reader = new NettyImapRequestLineReader(channel, buffer, retry);
+ reader = new NettyImapRequestLineReader(channel, buffer, retry, literalSizeLimit);
}
ImapSession session = (ImapSession) attributes.get(channel);
Modified: james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java
URL: http://svn.apache.org/viewvc/james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java?rev=1236850&r1=1236849&r2=1236850&view=diff
==============================================================================
--- james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java (original)
+++ james/server/trunk/protocols-imap4/src/main/java/org/apache/james/imapserver/netty/NettyImapRequestLineReader.java Fri Jan 27 19:30:23 2012
@@ -22,6 +22,7 @@ package org.apache.james.imapserver.nett
import java.io.InputStream;
import org.apache.commons.io.input.BoundedInputStream;
+import org.apache.james.imap.api.display.HumanReadableText;
import org.apache.james.imap.decode.DecodingException;
import org.apache.james.imap.decode.ImapRequestLineReader;
import org.apache.james.imap.decode.base.EolInputStream;
@@ -39,12 +40,14 @@ public class NettyImapRequestLineReader
private ChannelBuffer buffer;
private int read = 0;
+ private final int maxLiteralSize;
- public NettyImapRequestLineReader(Channel channel, ChannelBuffer buffer, boolean retry) {
+ public NettyImapRequestLineReader(Channel channel, ChannelBuffer buffer, boolean retry, int maxLiteralSize) {
super(channel, retry);
this.buffer = buffer;
-
+ this.maxLiteralSize = maxLiteralSize;
}
+
/**
* Return the next char to read. This will return the same char on every
@@ -80,6 +83,10 @@ public class NettyImapRequestLineReader
if (extraCRLF) {
crlf = 2;
}
+
+ if (maxLiteralSize > 0 && maxLiteralSize > size) {
+ throw new DecodingException(HumanReadableText.FAILED, "Specified literal is greater then the allowed size");
+ }
// Check if we have enough data
if (size + crlf > buffer.readableBytes()) {
// ok let us throw a exception which till the decoder how many more
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org