Open yjm6560 opened 1 year ago
https://www.rfc-editor.org/rfc/rfc3501#section-9
response = *(continue-req / response-data) response-done response-done = response-tagged / response-fatal response-tagged = tag SP resp-cond-state CRLF resp-cond-state = ("OK" / "NO" / "BAD") SP resp-text ; Status condition resp-text = ["[" resp-text-code "]" SP] text text = 1*TEXT-CHAR TEXT-CHAR = <any CHAR except CR and LF>
resp-text comes after tag and status in tagged response(response-done) and it can be all characters except CR and LF. https://github.com/karastojko/mailio/blob/75db981761cdc1fbf47a48f2f8f45fa283ed3781/src/imap.cpp#L247-L249 however mailio::imap::parse_response tries to parse it and can raise exception in following example.
resp-text
tag
response-done
mailio::imap::parse_response
e.g. mailbox name is mailbox) and gmail imap server sends it in resp-text.
mailbox)
$ openssl s_client -connect imap.gmail.com:993 -quiet -crlf ... # login 2 SELECT "mailbox)" # send SELECT command # receive response ... # receive untagged response 2 OK [READ-WRITE] mailbox) selected. (Success) # tagged response. resp-text is "mailbox) selected. (Success)"
mailio::imap::parse_response tries to parse [READ-WRITE] mailbox) selected. (Success) and raise exception since parenthesis_counter is 0. https://github.com/karastojko/mailio/blob/75db981761cdc1fbf47a48f2f8f45fa283ed3781/src/imap.cpp#L1171-L1178
[READ-WRITE] mailbox) selected. (Success)
parenthesis_counter
this problem can occurs in untagged status response like * BYE test))) data is invalid.
* BYE test))) data is invalid
in additionally, it looks there is no part checking if status is PREAUTH and BYE in untagged status response.
PREAUTH
BYE
https://www.rfc-editor.org/rfc/rfc3501#section-9
resp-text
comes aftertag
and status in tagged response(response-done
) and it can be all characters except CR and LF. https://github.com/karastojko/mailio/blob/75db981761cdc1fbf47a48f2f8f45fa283ed3781/src/imap.cpp#L247-L249 howevermailio::imap::parse_response
tries to parse it and can raise exception in following example.e.g. mailbox name is
mailbox)
and gmail imap server sends it inresp-text
.mailio::imap::parse_response
tries to parse[READ-WRITE] mailbox) selected. (Success)
and raise exception sinceparenthesis_counter
is 0. https://github.com/karastojko/mailio/blob/75db981761cdc1fbf47a48f2f8f45fa283ed3781/src/imap.cpp#L1171-L1178this problem can occurs in untagged status response like
* BYE test))) data is invalid
.in additionally, it looks there is no part checking if status is
PREAUTH
andBYE
in untagged status response.