IMAP: ignore unsolicited LIST and STATUS before we're authenticated (!6) · Merge requests · PIM / Trojitá

Jan Kundrát requested to merge work/bug-432353 into master Jan 31, 2022

Continuing from !5 (closed)

These responses were combined with legit responses which arrive from the real server later on, after having authenticated, and as a result, a malicious active attacker on a network was able to inject extra fake mailboxes to the GUI even when upgrading connection from plaintext to a secure one via STARTTLS.

These two responses are the only ones which are handled by our pre-task code directly in Model.cpp, which means that the state machine has to be checked and messages which are received prior to authentication must be rejected. Since this is really a pretty serious violation of the IMAP state machine, let's not ignore them silently, and simply treat them as any other unexpected response.

BUG: 432353
Change-Id: I9292fcb20215ebe4dbc7a103fc9403dfa97b258b
Reported-by: Damian Poddebniak
Co-authored-by: Espen Sandøy Hustad <espen@ehustad.com>
Reviewed-by: Caspar Schutijser <caspar@schutijser.com>

Edited Jan 31, 2022 by Jan Kundrát

IMAP: ignore unsolicited LIST and STATUS before we're authenticated

Merge request reports