Commit 1ca6ed7b authored by Steve Holme's avatar Steve Holme
Browse files

ftpserver.pl: Added argument check to IMAP command handlers 

Added BAD argument check to the following IMAP command handlers:

APPEND, STORE, LIST, EXAMINE, STATUS and SEARCH
parent aa51d3a1

tests/ftpserver.pl

+100 −74
Original line number Diff line number Diff line
@@ -877,6 +877,10 @@ sub APPEND_imap { 
    my ($mailbox, $size) = ($1, $2);

    fix_imap_params($mailbox);



    if($mailbox eq "") {

        sendcontrol "$cmdid BAD Command Argument\r\n";

    }

    else {

        sendcontrol "+ Ready for literal data\r\n";



        my $testno = $mailbox;
@@ -936,6 +940,7 @@ sub APPEND_imap { 
        logmsg "received $size bytes upload\n";



        sendcontrol "$cmdid OK APPEND completed\r\n";

    }



    return 0;

}
@@ -950,6 +955,9 @@ sub STORE_imap { 
    if ($selected eq "") {

        sendcontrol "$cmdid BAD Command received in Invalid state\r\n";

    }

    elsif (($uid eq "") || ($what eq "")) {

        sendcontrol "$cmdid BAD Command Argument\r\n";

    }

    else {

        sendcontrol "* $uid FETCH (FLAGS (\\Seen \\Deleted))\r\n";

        sendcontrol "$cmdid OK STORE completed\r\n";
@@ -961,7 +969,6 @@ sub STORE_imap { 
sub LIST_imap {

    my ($args) = @_;

    my ($reference, $mailbox) = split(/ /, $args, 2);

    my @data;

    fix_imap_params($reference, $mailbox);



    logmsg "LIST_imap got $args\n";
@@ -969,12 +976,18 @@ sub LIST_imap { 
    if ($reference eq "verifiedserver") {

        # this is the secret command that verifies that this actually is

        # the curl test server

        @data = ("* LIST () \"/\" \"WE ROOLZ: $$\"\r\n");

        sendcontrol "* LIST () \"/\" \"WE ROOLZ: $$\"\r\n";

        sendcontrol "$cmdid OK LIST Completed\r\n";



        if($verbose) {

            print STDERR "FTPD: We returned proof we are the test server\n";

        }



        logmsg "return proof we are we\n";

    }

    elsif ($reference eq "") {

        sendcontrol "$cmdid BAD Command Argument\r\n";

    }

    else {

        my $testno = $reference;
@@ -987,14 +1000,14 @@ sub LIST_imap { 


        loadtest("$srcdir/data/test$testno");



        @data = getpart("reply", "data$testpart");

    }

        my @data = getpart("reply", "data$testpart");



        for my $d (@data) {

            sendcontrol $d;

        }



        sendcontrol "$cmdid OK LIST Completed\r\n";

    }



    return 0;

}
@@ -1003,8 +1016,12 @@ sub EXAMINE_imap { 
    my ($testno) = @_;

    fix_imap_params($testno);



    logmsg "EXAMINE_imap got test $testno\n";

    logmsg "EXAMINE_imap got $testno\n";



    if ($testno eq "") {

        sendcontrol "$cmdid BAD Command Argument\r\n";

    }

    else {

        $testno =~ s/[^0-9]//g;

        my $testpart = "";

        if ($testno > 10000) {
@@ -1021,6 +1038,7 @@ sub EXAMINE_imap { 
        }



        sendcontrol "$cmdid OK [READ-ONLY] EXAMINE completed\r\n";

    }



    return 0;

}
@@ -1029,8 +1047,12 @@ sub STATUS_imap { 
    my ($testno) = @_;

    fix_imap_params($testno);



    logmsg "STATUS_imap got test $testno\n";

    logmsg "STATUS_imap got $testno\n";



    if ($testno eq "") {

        sendcontrol "$cmdid BAD Command Argument\r\n";

    }

    else {

        $testno =~ s/[^0-9]//g;

        my $testpart = "";

        if ($testno > 10000) {
@@ -1047,6 +1069,7 @@ sub STATUS_imap { 
        }



        sendcontrol "$cmdid OK STATUS completed\r\n";

    }



    return 0;

}
@@ -1060,6 +1083,9 @@ sub SEARCH_imap { 
    if ($selected eq "") {

        sendcontrol "$cmdid BAD Command received in Invalid state\r\n";

    }

    elsif ($what eq "") {

        sendcontrol "$cmdid BAD Command Argument\r\n";

    }

    else {

        my $testno = $selected;