Alberto Bertogli authored
On the smtp client package, there is no limit to the length of the server's replies, so an evil server could cause a memory exhaustion DoS by issuing very long lines. This patch fixes the bug by limiting the total size of received data. Ideally this would be done per-line instead, but it gets much more complex, so this is a compromise. The limit chosen is 2 MiB, which should be plenty for the total size of server-side replies, considering we only send a single message per connection anyway. This is similar to 06d808c8 (smtpsrv: Limit incoming line length), which was found and reported by Max Mazurov (fox.cpp@disroot.org).
d7006d0e
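The compromise described in the commit message, a single byte budget for everything the server sends rather than a per-line limit, can be sketched as follows. This is an added example, not the code from this commit; `budgetReader`, `ErrReplyTooLarge` and the sample replies are assumptions made for illustration.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"strings"
)

// MaxReplyBytes is the 2 MiB total budget named in the commit message.
const MaxReplyBytes = 2 << 20

// ErrReplyTooLarge (hypothetical name) marks an exhausted budget.
var ErrReplyTooLarge = errors.New("server replies exceeded the size budget")

// budgetReader (hypothetical name) caps the total bytes accepted from a
// connection; the budget is shared by every reply line read through it.
type budgetReader struct {
	lr *io.LimitedReader
	br *bufio.Reader
}

func newBudgetReader(conn io.Reader, limit int64) *budgetReader {
	lr := &io.LimitedReader{R: conn, N: limit}
	return &budgetReader{lr: lr, br: bufio.NewReader(lr)}
}

// ReadLine returns one reply line without its CRLF. ReadString can buffer at
// most what is left of the budget, so a line that never ends cannot grow
// memory past the limit; it surfaces as ErrReplyTooLarge instead.
func (b *budgetReader) ReadLine() (string, error) {
	line, err := b.br.ReadString('\n')
	if err == io.EOF && b.lr.N <= 0 {
		return "", ErrReplyTooLarge // EOF came from the cap, not the peer
	}
	if err != nil {
		return "", err
	}
	return strings.TrimRight(line, "\r\n"), nil
}

func main() {
	// Constructed inputs: a normal greeting, then 3 MiB with no newline.
	good := newBudgetReader(strings.NewReader("220 mx.example ESMTP\r\n"), MaxReplyBytes)
	fmt.Println(good.ReadLine())
	evil := newBudgetReader(strings.NewReader(strings.Repeat("A", 3<<20)), MaxReplyBytes)
	fmt.Println(evil.ReadLine())
}
```

Because the budget is per connection and not per line, many short replies can also exhaust it, which is why the limit has to be sized for the whole session.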