From owner-freebsd-hackers@FreeBSD.ORG  Mon Jan 19 13:48:57 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 92F9516A4CE
	for <freebsd-hackers@freebsd.org>;
	Mon, 19 Jan 2004 13:48:57 -0800 (PST)
Received: from reversedhell.net (reversedhell.net [216.240.143.80])
	by mx1.FreeBSD.org (Postfix) with SMTP id DEF2143D1F
	for <freebsd-hackers@freebsd.org>;
	Mon, 19 Jan 2004 13:48:55 -0800 (PST)
	(envelope-from aanton@reversedhell.net)
Received: (qmail 30846 invoked from network); 19 Jan 2004 21:51:12 -0000
Received: from unknown (HELO reversedhell.net) (81.196.32.25)
  by ns1.1plan.net with SMTP; 19 Jan 2004 21:51:12 -0000
Message-ID: <400C50EF.5080104@reversedhell.net>
Date: Mon, 19 Jan 2004 23:49:35 +0200
From: Anton Alin-Adrian <aanton@reversedhell.net>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US;
	rv:1.6b) Gecko/20031212 Thunderbird/0.4
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-hackers@freebsd.org
References: <20040120014314.S312-100000@prophet.alphaque.com>
	<400C3639.1000702@reversedhell.net>
In-Reply-To: <400C3639.1000702@reversedhell.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: qmail remote patch
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Jan 2004 21:48:57 -0000

This patch attempts to implement rfc821 a bit. Also it defines the pos 
var as unsigned. Working till now..

--- qmail-smtpd.c.orig  Mon Jun 15 13:53:16 1998
+++ qmail-smtpd.c       Mon Jan 19 23:29:35 2004
@@ -1,3 +1,15 @@
+/*
+*      This is a patched version of qmail, implementing RFC 821 
regarding text line limitations.
+*      Developed by Alin-Adrian Anton 
(aanton@reversedhell.net,burebista@lasting.ro)
+*
+*      You may remove this banner if it annoys you. This patch is 
public domain, for the
+*      benefit of the community.
+*
+*      It also fixes an integer overflow in the blast() function.
+       NOTE: it implements the most relaxed RFC821, as it is specified 
there.
+*/
+
+
 #include "sig.h"
 #include "readwrite.h"
 #include "stralloc.h"
@@ -48,7 +60,6 @@
 void die_control() { out("421 unable to read controls (#4.3.0)\r\n"); 
flush(); _exit(1); }
 void die_ipme() { out("421 unable to figure out my IP addresses 
(#4.3.0)\r\n"); flush(); _exit(1); }
 void straynewline() { out("451 See 
http://pobox.com/~djb/docs/smtplf.html.\r\n"); flush(); _exit(1); }
-
 void err_bmf() { out("553 sorry, your envelope sender is in my 
badmailfrom list (#5.7.1)\r\n"); }
 void err_nogateway() { out("553 sorry, that domain isn't in my list of 
allowed rcpthosts (#5.7.1)\r\n"); }
 void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
@@ -58,7 +69,7 @@
 void err_noop() { out("250 ok\r\n"); }
 void err_vrfy() { out("252 send some mail, i'll try my best\r\n"); }
 void err_qqt() { out("451 qqt failure (#4.3.0)\r\n"); }
-
+void err_longline() { out("500 Line too long, please read RFC 
821.\r\n"); flush(); _exit(1); }
 
 stralloc greeting = {0};
 
@@ -293,10 +304,46 @@
 void blast(hops)
 int *hops;
 {
+
+/*
+*RFC 821                                                      August 1982
+*                                           Simple Mail Transfer Protocol
+*
+*            text line
+*
+*               The maximum total length of a text line including the
+*               <CRLF> is 1000 characters (but not counting the leading
+*               dot duplicated for transparency).
+*
+*            recipients buffer
+*
+*               The maximum total number of recipients that must be
+*               buffered is 100 recipients.
+*
+*
+*          ****************************************************
+*          *                                                  *
+*          *  TO THE MAXIMUM EXTENT POSSIBLE, IMPLEMENTATION  *
+*          *  TECHNIQUES WHICH IMPOSE NO LIMITS ON THE LENGTH *
+*          *  OF THESE OBJECTS SHOULD BE USED.                *
+*          *                                                  *
+*          ****************************************************
+*
+*         Errors due to exceeding these limits may be reported by using
+*         the reply codes, for example:
+*
+*            500 Line too long.
+*
+*            501 Path too long
+*
+*            552 Too many recipients.
+*
+*            552 Too much mail data.
+*/
   char ch;
   int state;
   int flaginheader;
-  int pos; /* number of bytes since most recent \n, if fih */
+  unsigned int pos; /* number of bytes since most recent \n, if fih */
   int flagmaybex; /* 1 if this line might match RECEIVED, if fih */
   int flagmaybey; /* 1 if this line might match \r\n, if fih */
   int flagmaybez; /* 1 if this line might match DELIVERED, if fih */
@@ -317,7 +364,8 @@
         if (pos < 2) if (ch != "\r\n"[pos]) flagmaybey = 0;
         if (flagmaybey) if (pos == 1) flaginheader = 0;
       }
-      ++pos;
+        if (++pos>65535-1) err_longline(); /* will bail out nicely with 
err 500 */
+
       if (ch == '\n') { pos = 0; flagmaybex = flagmaybey = flagmaybez = 
1; }
     }
     switch(state) {