[PATCH 2/3] imap-acl: Fail if ACL identifier is invalid
author Timo Sirainen <timo.sirainen@open-xchange.com>
Wed, 22 Apr 2026 12:44:24 +0000 (15:44 +0300)
committer Noah Meyerhans <noahm@debian.org>
Mon, 18 May 2026 20:03:51 +0000 (16:03 -0400)
Reject invalid identifiers early in imap_acl_identifier_parse() using
acl_id_is_valid(). This prevents CR/LF injection and rejects identifiers
that are too long, contain control characters or are not valid UTF-8.

Gbp-Pq: Name CVE-2026-40020-2.patch

src/plugins/imap-acl/imap-acl-plugin.c

index df403d0d9744aa8ed9b634893e16c9a651b797ce..20fe1342d654d78675d32d4b5dd6d6b081fec56a 100644 (file)
@@ -872,6 +872,11 @@ imap_acl_identifier_parse(struct client_command_context *cmd,
        allow_anyone = set->allow_anyone;
        settings_free(set);
 
+       if (!acl_id_is_valid(id)) {
+               *client_error_r = "Invalid identifier";
+               return -1;
+       }
+
        if (str_begins_with(id, IMAP_ACL_GLOBAL_PREFIX)) {
                *client_error_r = t_strdup_printf(
                        "Global ACLs can't be modified: %s", id);
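Review bot: The added `if (!acl_id_is_valid(id))` block carries no comment recording that it has to stay ahead of the IMAP_ACL_GLOBAL_PREFIX branch directly below it, which formats the client-supplied `id` into `*client_error_r` with `"Global ACLs can't be modified: %s"`. That ordering is what keeps an identifier containing CR/LF out of the tagged reply, so a one-line comment above the check (for example "must precede any error path that echoes id") would stop a later reorder from reintroducing the echo of unvalidated input. The fixed string "Invalid identifier" is the right choice here since it does not reflect `id`; please keep it that way if the message is ever made more specific. A regression test that sends an identifier with an embedded CR/LF, and one that starts with the global prefix and also contains a control character, would pin both the rejection and the ordering.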