Re: [patch] report actual message size in smtpd message

From: Michael Tokarev (mjttls.msk.ru)
Date: Wed Jul 26 2006 - 09:04:34 CDT


Wietse Venema wrote:
> Michael Tokarev:
>> The following patch (attached) changes smtpd to always
>> report actual message size if it exceeds the limit (as
>> checked either by cleanup or by smtpd itself).
>> Currently postfix goes by this:
>>
>> 552 5.3.4 Error: message file too big
>>
>> With the change, it acts like this (example):
>>
>> 552 5.3.4 Error: message file too big (12914086 bytes)
>>
>> The patch changes state->act_size calculation to be
>> performed always, regardless of error conditions
>> (adding length of the current line to state->act_size).
>> One possible issue with this is that when someone
>> tries to send a huge amount of data, state->act_size may
>> overflow, but the only possible consequence is the
>> misleading error message. Of course it's possible to
>> check for overflow and in case it's found, print
>> something like "(>xxx bytes)", but I don't think
>> it's worth the trouble.
>
> I would like to maintain higher standards. This also means fixing
> my own code, so that it does not overflow before doing the message
> size check:

It can overflow only if var_message_limit is near the maximum for
(u)long, so that one more line makes it overflow. I'd say it's
more than enough to ensure var_message_limit is below [U]LONG_MAX
minus some sane number (line_length_limit or whatever) for this to
never happen at all.

Yes, state->act_size may overflow. But if var_message_limit has a
sane value, we will notice an over-sized message BEFORE act_size
overflows. As a result, the only issue left is the misleading
diagnostic message mentioned above, which can only happen (on a
32-bit architecture anyway) with an amount of data > 2 gigabytes.

/mjt
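
The two positions in this thread (bound the limit so the sum cannot wrap before the size check, or check for overflow and report ">N bytes"), shown together as an added C example that is not Postfix code and not part of either message. The names `msg_state`, `limit_is_safe`, `account_line` and `format_reply` are hypothetical; `act_size` mirrors the field named in the thread and is assumed to start non-negative.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the smtpd state discussed in the thread. */
struct msg_state {
    long act_size;   /* bytes received so far; pinned at LONG_MAX on overflow */
    int  saturated;  /* 1 once act_size is only a lower bound */
    int  too_big;    /* 1 once the message limit has been exceeded */
};

/* Config check from the reply: keep the limit at least one maximum line
 * length below LONG_MAX, so the limit test fires before the sum can wrap. */
int limit_is_safe(long message_limit, long line_length_limit)
{
    return message_limit > 0 && line_length_limit >= 0
        && message_limit <= LONG_MAX - line_length_limit;
}

/* Count one line without evaluating a sum that could overflow (1 = within limit). */
int account_line(struct msg_state *st, size_t len, long message_limit)
{
    if (len > (size_t)(LONG_MAX - st->act_size)) {  /* compare against headroom */
        st->act_size = LONG_MAX;
        st->saturated = 1;
        st->too_big = 1;           /* true size exceeds any limit a long can hold */
    } else {
        st->act_size += (long)len;
        if (st->act_size > message_limit)
            st->too_big = 1;
    }
    return !st->too_big;
}

/* Diagnostic in the style quoted in the thread; ">N" when the counter saturated. */
int format_reply(const struct msg_state *st, char *buf, size_t n)
{
    return snprintf(buf, n, "552 5.3.4 Error: message file too big (%s%ld bytes)",
                    st->saturated ? ">" : "", st->act_size);
}

int main(void)
{
    struct msg_state st = {LONG_MAX - 10, 0, 0};  /* constructed near-overflow state */
    char buf[128];
    account_line(&st, 100, LONG_MAX);
    format_reply(&st, buf, sizeof buf);
    return puts(buf) < 0;
}
```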