add a (high) limit to the number of header lines we're willing to keep in

memory for rewriting purposes, this will prevent sessions from sending an
insanely large number of continuations to a single header and starve us.

2 files changed, 7 insertions, 2 deletions

diff --git a/usr.sbin/smtpd/rfc822.c b/usr.sbin/smtpd/rfc822.c
index 0eec9a3c28f..8e19f960c35 100644
--- a/usr.sbin/smtpd/rfc822.c
+++ b/usr.sbin/smtpd/rfc822.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rfc822.c,v 1.3 2014/10/15 07:35:09 gilles Exp $	*/
+/*	$OpenBSD: rfc822.c,v 1.4 2014/10/15 08:04:41 gilles Exp $	*/
 
 /*
  * Copyright (c) 2014 Gilles Chehade <gilles@poolp.org>
@@ -114,6 +114,7 @@ parse_addresses(struct rfc822_parser *rp, const char *buffer, size_t len)
 	}
 
 	TAILQ_INSERT_TAIL(&rp->addresses, ra, next);
+	rp->count++;
 
 	/* do we have more to process ? */
 	for (; *s; ++s, --len)
@@ -156,5 +157,7 @@ rfc822_parser_reset(struct rfc822_parser *rp)
 int
 rfc822_parser_feed(struct rfc822_parser *rp, const char *line)
 {
+	if (rp->count >= RFC822_MAX_BUFFERS)
+		return -1;
 	return parse_addresses(rp, line, strlen(line));
 }
diff --git a/usr.sbin/smtpd/rfc822.h b/usr.sbin/smtpd/rfc822.h
index 0e602e23d21..aafb3770621 100644
--- a/usr.sbin/smtpd/rfc822.h
+++ b/usr.sbin/smtpd/rfc822.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rfc822.h,v 1.1 2014/10/12 18:54:31 gilles Exp $	*/
+/*	$OpenBSD: rfc822.h,v 1.2 2014/10/15 08:04:41 gilles Exp $	*/
 
 /*
  * Copyright (c) 2014 Gilles Chehade <gilles@poolp.org>
@@ -20,6 +20,7 @@
 #define	_RFC822_H_
 
 #define	RFC822_MAX_LINE_SIZE	998
+#define	RFC822_MAX_BUFFERS	1000
 
 struct rfc822_address {
 	TAILQ_ENTRY(rfc822_address)	next;
@@ -28,6 +29,7 @@ struct rfc822_address {
 };
 
 struct rfc822_parser {
+	size_t					count;
 	TAILQ_HEAD(addresses, rfc822_address)	addresses;
 
 	uint8_t				quote;