diff options
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/managesieve/Changelog | 1 | ||||
-rw-r--r-- | plugins/managesieve/managesieve.php | 32 |
2 files changed, 31 insertions, 2 deletions
diff --git a/plugins/managesieve/Changelog b/plugins/managesieve/Changelog index a1dd7e0ca..c0428c4fc 100644 --- a/plugins/managesieve/Changelog +++ b/plugins/managesieve/Changelog @@ -1,6 +1,7 @@ - Fixed issue with DBMail bug [http://pear.php.net/bugs/bug.php?id=19077] (#1488594) - Added support for enotify/notify (RFC5435, RFC5436, draft-ietf-sieve-notify-00) - Change default port to 4190 (IANA-allocated), add port auto-detection (#1488713) +- Added request size limits detection and script corruption prevention (#1488648) * version 5.2 [2012-07-24] ----------------------------------------------------------- diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php index 0ddeba542..7282ff2e0 100644 --- a/plugins/managesieve/managesieve.php +++ b/plugins/managesieve/managesieve.php @@ -530,9 +530,37 @@ class managesieve extends rcube_plugin // Init plugin and handle managesieve connection $error = $this->managesieve_start(); - // filters set add action - if (!empty($_POST['_newset'])) { + // get request size limits (#1488648) + $max_post = max(array( + ini_get('max_input_vars'), + ini_get('suhosin.request.max_vars'), + ini_get('suhosin.post.max_vars'), + )); + $max_depth = max(array( + ini_get('suhosin.request.max_array_depth'), + ini_get('suhosin.post.max_array_depth'), + )); + // check request size limit + if ($max_post && count($_POST, COUNT_RECURSIVE) >= $max_post) { + rcube::raise_error(array( + 'code' => 500, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Request size limit exceeded (one of max_input_vars/suhosin.request.max_vars/suhosin.post.max_vars)" + ), true, false); + $this->rc->output->show_message('managesieve.filtersaveerror', 'error'); + } + // check request depth limits + else if ($max_depth && count($_POST['_header']) > $max_depth) { + rcube::raise_error(array( + 'code' => 500, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Request size limit exceeded (one of suhosin.request.max_array_depth/suhosin.post.max_array_depth)" + ), true, false); + $this->rc->output->show_message('managesieve.filtersaveerror', 'error'); + } + // filters set add action + else if (!empty($_POST['_newset'])) { $name = get_input_value('_name', RCUBE_INPUT_POST, true); $copy = get_input_value('_copy', RCUBE_INPUT_POST, true); $from = get_input_value('_from', RCUBE_INPUT_POST); |