blob: 0b30c99e0e11d40f16ef9d56609a3f8a1c3dff53 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
From 0827a7e52ba3d957a634b063bf5a391239b9ffee Mon Sep 17 00:00:00 2001
From: shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 8 Jun 2016 07:06:57 +0000
Subject: [PATCH] * lib/net/smtp.rb (getok, get_response): raise an
ArgumentError when CR or LF is included in a line, because they are not
allowed in RFC5321.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55324 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
lib/net/smtp.rb | 9 +++++++++
diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb
index 250293bdbe21..a7130a593b40 100644
--- a/lib/net/smtp.rb
+++ b/lib/net/smtp.rb
@@ -926,7 +926,15 @@ def quit
private
+ def validate_line(line)
+ # A bare CR or LF is not allowed in RFC5321.
+ if /[\r\n]/ =~ line
+ raise ArgumentError, "A line must not contain CR or LF"
+ end
+ end
+
def getok(reqline)
+ validate_line reqline
res = critical {
@socket.writeline reqline
recv_response()
@@ -936,6 +944,7 @@ def getok(reqline)
end
def get_response(reqline)
+ validate_line reqline
@socket.writeline reqline
recv_response()
end
|
GitWeb
