Skip to content

smtpd: disconnect after overlong SMTP commands#22

Open
Komzpa wants to merge 1 commit into
vdukhovni:masterfrom
Komzpa:fixer-smtpd-overlong-command
Open

smtpd: disconnect after overlong SMTP commands#22
Komzpa wants to merge 1 commit into
vdukhovni:masterfrom
Komzpa:fixer-smtpd-overlong-command

Conversation

@Komzpa

@Komzpa Komzpa commented May 26, 2026

Copy link
Copy Markdown

Summary

The normal SMTP command loop currently reads commands through smtpd_chat_query(), which expands to smtpd_chat_query_limit(..., var_line_limit). That helper uses SMTP_GET_FLAG_SKIP, so when a client sends an overlong command and keeps the connection open, smtpd keeps draining input after the command is already past the configured line limit.

This change makes the normal command reader stop at the line limit, reject the malformed command, and end the session. smtpd_chat_query_limit() still keeps the old skip behavior for caller-bounded SASL continuation reads.

Validation

  • make makefiles shared=yes dynamicmaps=no CCARGS='-DNO_DB -DNO_NIS' default_database_type=cdb default_cache_db_type=lmdb
  • make -j32
  • Helper-level check against smtp_get_noexcept():
    • SMTP_GET_FLAG_NONE returned immediately after the 4-byte bound: last=68 len=4 text=ABCD
    • SMTP_GET_FLAG_SKIP waited for the missing newline and timed out under timeout 2s
  • git diff --check

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant