From 6d4b1ea59d1cc2987c5aa41018f7c7e5ef9e2d9a Mon Sep 17 00:00:00 2001
From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Fri, 11 Sep 2020 02:41:34 +0200
Subject: [PATCH] testsuite: cmd-test-message - Properly check folder argument
 validity.

---
 Makefile.am                            |  3 ++-
 src/testsuite/cmd-test-message.c       | 23 +++++++++++++++++++++++
 tests/failures/mailbox-bad-utf8.svtest |  6 ++++++
 3 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 tests/failures/mailbox-bad-utf8.svtest

diff --git a/Makefile.am b/Makefile.am
index 0e05c0957..6a3f0f789 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -195,7 +195,8 @@ $(test_cases):
 
 failure_test_cases = \
 	tests/failures/fuzz1.svtest \
-	tests/failures/fuzz2.svtest
+	tests/failures/fuzz2.svtest \
+	tests/failures/mailbox-bad-utf8.svtest
 
 $(failure_test_cases):
 	@$(TEST_BIN) -F $(top_srcdir)/$@
diff --git a/src/testsuite/cmd-test-message.c b/src/testsuite/cmd-test-message.c
index dd3c4caff..ff3670495 100644
--- a/src/testsuite/cmd-test-message.c
+++ b/src/testsuite/cmd-test-message.c
@@ -2,12 +2,14 @@
  */
 
 #include "lib.h"
+#include "str-sanitize.h"
 #include "istream.h"
 #include "mail-storage.h"
 
 #include "sieve-common.h"
 #include "sieve-commands.h"
 #include "sieve-message.h"
+#include "sieve-actions.h"
 #include "sieve-validator.h"
 #include "sieve-generator.h"
 #include "sieve-interpreter.h"
@@ -253,6 +255,20 @@ cmd_test_message_validate_folder_tag(struct sieve_validator *valdtr,
 		return FALSE;
 	}
 
+	/* Check name validity when folder argument is not a variable */
+	if ( sieve_argument_is_string_literal(*arg) ) {
+		const char *folder = sieve_ast_argument_strc(*arg), *error;
+
+		if ( !sieve_mailbox_check_name(folder, &error) ) {
+			sieve_command_validate_error(
+				valdtr, cmd, "%s command: "
+				"invalid mailbox `%s' specified: %s",
+				sieve_command_identifier(cmd),
+				str_sanitize(folder, 256), error);
+			return FALSE;
+		}
+	}
+
 	/* Skip parameter */
 	*arg = sieve_ast_argument_next(*arg);
 
@@ -450,6 +466,7 @@ cmd_test_message_mailbox_operation_execute(const struct sieve_runtime_env *renv,
 	sieve_number_t msg_index;
 	unsigned int is_test = 0;
 	bool result;
+	const char *error;
 	int ret;
 
 	/*
@@ -472,6 +489,12 @@ cmd_test_message_mailbox_operation_execute(const struct sieve_runtime_env *renv,
 	if (ret <= 0)
 		return ret;
 
+	if (!sieve_mailbox_check_name(str_c(folder), &error)) {
+		return testsuite_test_failf(
+			renv, "invalid mailbox `%s' specified: %s",
+			str_c(folder), error);
+	}
+
 	/*
 	 * Perform operation
 	 */
diff --git a/tests/failures/mailbox-bad-utf8.svtest b/tests/failures/mailbox-bad-utf8.svtest
new file mode 100644
index 000000000..ad104e5ab
--- /dev/null
+++ b/tests/failures/mailbox-bad-utf8.svtest
@@ -0,0 +1,6 @@
+require "vnd.dovecot.testsuite";
+require "encoded-character";
+
+test "Mailbox parameter with bad UTF-8" {
+	test_message :folder "I${hex:9b}BOX" 0;
+}
-- 
GitLab