* lib/net/imap.rb (flag_list): untaint strings to intern in the safe

level 1. * lib/net/imap.rb (max_flag_count=): new methods to set the max number of flags interned to symbols. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@25858 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2025-08-24 21:44:30 +02:00 · 2009-11-19 13:38:35 +00:00 · 2009-11-19 13:38:35 +00:00 · c20c7f1e2e
commit c20c7f1e2e
parent cdcdabfc49
2 changed files with 87 additions and 1 deletions
--- a/lib/net/imap.rb
+++ b/lib/net/imap.rb
@ -269,6 +269,16 @@ module Net
      return @@debug = val
    end

+    # Returns the max number of flags interned to symbols.
+    def self.max_flag_count
+      return @@max_flag_count
+    end
+
+    # Sets the max number of flags interned to symbols.
+    def self.max_flag_count=(count)
+      @@max_flag_count = count
+    end
+
    # Adds an authenticator for Net::IMAP#authenticate.  +auth_type+
    # is the type of authentication this authenticator supports
    # (for instance, "LOGIN").  The +authenticator+ is an object
@ -858,6 +868,7 @@ module Net

    @@debug = false
    @@authenticators = {}
+    @@max_flag_count = 10000

    # Creates a new Net::IMAP object and connects it to the specified
    # +port+ (143 by default) on the named +host+.  If +usessl+ is true, 
@ -1868,6 +1879,14 @@ module Net
    end

    class ResponseParser # :nodoc:
+      def initialize
+        @str = nil
+        @pos = nil
+        @lex_state = nil
+        @token = nil
+        @flag_symbols = {}
+      end
+
      def parse(str)
        @str = str
        @pos = 0
@ -2878,7 +2897,16 @@ module Net
        if @str.index(/\(([^)]*)\)/ni, @pos)
          @pos = $~.end(0)
          return $1.scan(FLAG_REGEXP).collect { |flag, atom|
-            atom || flag.capitalize.intern
+            if atom
+              atom
+            else
+              symbol = flag.capitalize.untaint.intern
+              @flag_symbols[symbol] = true
+              if @flag_symbols.length > IMAP.max_flag_count
+                raise FlagCountError, "number of flag symbols exceeded"
+              end
+              symbol
+            end
          }
        else
          parse_error("invalid flag list")
@ -3223,6 +3251,10 @@ module Net
    # out due to inactivity.
    class ByeResponseError < ResponseError
    end
+
+    # Error raised when too many flags are interned to symbols.
+    class FlagCountError < Error
+    end
  end
 end