diff options
author | Eric Wong <e@yhbt.net> | 2020-06-10 07:05:06 +0000 |
---|---|---|
committer | Eric Wong <e@yhbt.net> | 2020-06-13 07:55:45 +0000 |
commit | 7240a93c7dac9e1e73c7792e48a80df9ddf1eae0 (patch) | |
tree | 31d3a264a7319a700e1ae15ca9ffd63978a807c9 /lib/PublicInbox/IMAP.pm | |
parent | 8af34015e9aa94e5ae4ae9e9fd2c4d155453ac94 (diff) | |
download | public-inbox-7240a93c7dac9e1e73c7792e48a80df9ddf1eae0.tar.gz |
RFC 2683 section 3.2.1.5 recommends it: > For its part, a server should allow for a command line of at least > 8000 octets. This provides plenty of leeway for accepting reasonable > length commands from clients. The server should send a BAD response > to a command that does not end within the server's maximum accepted > command length. To conserve memory, we won't bother reading the entire line before sending the BAD response and disconnecting them.
Diffstat (limited to 'lib/PublicInbox/IMAP.pm')
-rw-r--r-- | lib/PublicInbox/IMAP.pm | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/PublicInbox/IMAP.pm b/lib/PublicInbox/IMAP.pm index b3c449b0..2e50415d 100644 --- a/lib/PublicInbox/IMAP.pm +++ b/lib/PublicInbox/IMAP.pm @@ -36,7 +36,7 @@ for my $mod (qw(Email::Address::XS Mail::Address)) { } die "neither Email::Address::XS nor Mail::Address loaded: $@" if !$Address; -sub LINE_MAX () { 512 } # does RFC 3501 have a limit like RFC 977? +sub LINE_MAX () { 8000 } # RFC 2683 3.2.1.5 # changing this will cause grief for clients which cache sub UID_BLOCK () { 50_000 } @@ -1170,7 +1170,10 @@ sub event_step { my $rbuf = $self->{rbuf} // \(my $x = ''); my $line = index($$rbuf, "\n"); while ($line < 0) { - return $self->close if length($$rbuf) >= LINE_MAX; + if (length($$rbuf) >= LINE_MAX) { + $self->write(\"\* BAD request too long\r\n"); + return $self->close; + } $self->do_read($rbuf, LINE_MAX, length($$rbuf)) or return; $line = index($$rbuf, "\n"); } |