author | Thomas Bruederli <thomas@roundcube.net> | 2012-09-24 11:35:56 +0200 |
committer | Thomas Bruederli <thomas@roundcube.net> | 2012-09-24 11:35:56 +0200 |
commit | 4bf16f47403144c6804446d03d9d99a38e78eacb (patch) | |
tree | 9ec5b78d5441ee076399d8c37b78ca6b119b72ec | |
parent | 371a09b0db94cf558441f4182887f87b970bdc86 (diff) | |
parent | 30f10bfe1685c18fa43f64603e1989355dc9b665 (diff) |
Merge branch 'master' of github.com:roundcube/roundcubemail
-rw-r--r-- | plugins/managesieve/Changelog | 1 | ||||
-rw-r--r-- | plugins/managesieve/managesieve.php | 32 |
2 files changed, 31 insertions, 2 deletions
diff --git a/plugins/managesieve/Changelog b/plugins/managesieve/Changelog
index a1dd7e0ca..c0428c4fc 100644
--- a/plugins/managesieve/Changelog
+++ b/plugins/managesieve/Changelog
@@ -1,6 +1,7 @@
 - Fixed issue with DBMail bug [http://pear.php.net/bugs/bug.php?id=19077] (#1488594)
 - Added support for enotify/notify (RFC5435, RFC5436, draft-ietf-sieve-notify-00)
 - Change default port to 4190 (IANA-allocated), add port auto-detection (#1488713)
+- Added request size limits detection and script corruption prevention (#1488648)
 * version 5.2 [2012-07-24]
 -----------------------------------------------------------
diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php
index 0ddeba542..7282ff2e0 100644
--- a/plugins/managesieve/managesieve.php
+++ b/plugins/managesieve/managesieve.php
@@ -530,9 +530,37 @@ class managesieve extends rcube_plugin
 // Init plugin and handle managesieve connection
 $error = $this->managesieve_start();
- // filters set add action
- if (!empty($_POST['_newset'])) {
+ // get request size limits (#1488648)
+ $max_post = max(array(
+ ini_get('max_input_vars'),
+ ini_get('suhosin.request.max_vars'),
+ ini_get('suhosin.post.max_vars'),
+ ));
+ $max_depth = max(array(
+ ini_get('suhosin.request.max_array_depth'),
+ ini_get('suhosin.post.max_array_depth'),
+ ));
+ // check request size limit
+ if ($max_post && count($_POST, COUNT_RECURSIVE) >= $max_post) {
+ rcube::raise_error(array(
+ 'code' => 500, 'type' => 'php',
+ 'file' => __FILE__, 'line' => __LINE__,
+ 'message' => "Request size limit exceeded (one of max_input_vars/suhosin.request.max_vars/suhosin.post.max_vars)"
+ ), true, false);
+ $this->rc->output->show_message('managesieve.filtersaveerror', 'error');
+ }
+ // check request depth limits
+ else if ($max_depth && count($_POST['_header']) > $max_depth) {
+ rcube::raise_error(array(
+ 'code' => 500, 'type' => 'php',
+ 'file' => __FILE__, 'line' => __LINE__,
+ 'message' => "Request size limit exceeded (one of suhosin.request.max_array_depth/suhosin.post.max_array_depth)"
+ ), true, false);
+ $this->rc->output->show_message('managesieve.filtersaveerror', 'error');
+ }
+ // filters set add action
+ else if (!empty($_POST['_newset'])) {
 $name = get_input_value('_name', RCUBE_INPUT_POST, true);
 $copy = get_input_value('_copy', RCUBE_INPUT_POST, true);
 $from = get_input_value('_from', RCUBE_INPUT_POST);
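Review bot: The depth check at `else if ($max_depth && count($_POST['_header']) > $max_depth)` reads `$_POST['_header']` unguarded, although the same handler also serves requests that post no `_header` at all (the `_newset` branch right below it), and the value is request-controlled so it may arrive as a scalar rather than an array; `count()` then silently yields 0 or 1 on the PHP of the time and a warning/TypeError on newer PHP. I would write `else if ($max_depth && isset($_POST['_header']) && is_array($_POST['_header']) && count($_POST['_header']) > $max_depth) {`. Separately, `count()` gives the element count while the `suhosin.*.max_array_depth` directives limit nesting depth, so it is not obvious to me that this comparison detects the truncation the commit targets (#1488648); worth confirming against that report and recording the intent in a comment such as `// element count of the largest posted array is used as a proxy for the suhosin depth limit`. The `ini_get()` results are strings or `false`, so an `(int)` cast before `max()` would make both comparisons explicit rather than relying on loose comparison. The enclosing method continues past the end of the hunk.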