Closed Bug 274546 Opened 21 years ago Closed 21 years ago

quota_data does not parse QUOTAROOT reponse per RFC

Categories

(Thunderbird :: General, defect)

Product:
Thunderbird
Component:
General
Platform:
All
Windows 2000
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: perry, Assigned: Bienvenu)

Details

Attachments

(1 file)

proposed fix
1.26 KB, patch
mscott
: superreview+
Details | Diff | Splinter Review
Routine quota_data in source file nsImapServerResponseParser.cpp does not properly handle the QUOTAROOT response from a server. The intent is to just ignore the QUOTAROOT response (the real information it's interested in is in the QUOTA response). It attempts to consume the line by calling skip_to_CRLF. However, the Quota RFC, 2087, documents the tokens on the QUOTAROOT response as astrings. astrings are documented in the IMAP RFC 2060 (and follow on) as being either, atoms, quoted strings or literals. This means a server that sends the QUOTAROOT response with one or more literals will have it's response misparsed (eg: client send->3 getquotaroot "INBOX"<CRLF> server replies->* QUOTAROOT {5}<CRLF> INBOX PRUITER<CRLF> * QUOTA PRUITER (STORAGE 19 1500)<CRLF> 3 OK GETQUOTAROOT completed<CRLF> (I've purposely annotated where the CRLFs would be). So simply consuming the QUOTAROOT response up to the next CRLF leaves the literal and remainder of the response in the command stream. A parsing error results and Thunderbird closes the connection to the server. As it current stands, Thunderbird CAN NOT BE USED against any server that responds with a literal in the QUOTAROOT response (since it issues getquotaroot as part of login processing). This is why I flagged the bug as major. Looks to be fairly simple to fix. quota_data needs to be a little smarter about consuming the QUOTAROOT response. Unfortunately I have no clue how to go about this (the first time I looked at the Thunderbird source was a couple hours ago), but hopefully this can be fixed in short order. Thanks ... Perry
I'll look at this right away.
Assignee: mscott → bienvenu
Status: UNCONFIRMED → NEW
Ever confirmed: true
Attached patch proposed fixSplinter Review
skip over the quota root; also fix a memory leak in the quota string handling.
Attachment #168701 - Flags: superreview?(mscott)
Attachment #168701 - Flags: superreview?(mscott) → superreview+
fixed on trunk.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
cc'ing our parser expert
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: