diff options
| author | Miran <narimiran@disroot.org> | 2020-07-21 22:49:08 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-21 22:49:08 +0200 |
| commit | 5fafa2fd5c78232e4fe2d3d13bc67ab6c0cda0bb (patch) | |
| tree | 1ae4aba6489d7cdc66a19340b3ebaec2cc9ddfa7 /lib/pure/smtp.nim | |
| parent | 450a3e3179096c09cb473956386940a212f9a1d2 (diff) | |
| download | Nim-5fafa2fd5c78232e4fe2d3d13bc67ab6c0cda0bb.tar.gz | |
fix several newline problems (#15028) [backend]
* prevent newlines where they shouldn't be * 'contentLength' shouldn't be negative
Diffstat (limited to 'lib/pure/smtp.nim')
| -rw-r--r-- | lib/pure/smtp.nim | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/lib/pure/smtp.nim b/lib/pure/smtp.nim index f24815a1d..7d426041d 100644 --- a/lib/pure/smtp.nim +++ b/lib/pure/smtp.nim @@ -43,7 +43,7 @@ ## For SSL support this module relies on OpenSSL. If you want to ## enable SSL, compile with ``-d:ssl``. -import net, strutils, strtabs, base64, os +import net, strutils, strtabs, base64, os, strutils import asyncnet, asyncdispatch export Port @@ -65,6 +65,11 @@ type Smtp* = SmtpBase[Socket] AsyncSmtp* = SmtpBase[AsyncSocket] +proc containsNewline(xs: seq[string]): bool = + for x in xs: + if x.contains({'\c', '\L'}): + return true + proc debugSend*(smtp: Smtp | AsyncSmtp, cmd: string) {.multisync.} = ## Sends ``cmd`` on the socket connected to the SMTP server. ## @@ -119,6 +124,14 @@ else: proc createMessage*(mSubject, mBody: string, mTo, mCc: seq[string], otherHeaders: openarray[tuple[name, value: string]]): Message = ## Creates a new MIME compliant message. + ## + ## You need to make sure that ``mSubject``, ``mTo`` and ``mCc`` don't contain + ## any newline characters. Failing to do so will raise ``AssertionDefect``. + doAssert(not mSubject.contains({'\c', '\L'}), + "'mSubject' shouldn't contain any newline characters") + doAssert(not (mTo.containsNewline() or mCc.containsNewline()), + "'mTo' and 'mCc' shouldn't contain any newline characters") + result.msgTo = mTo result.msgCc = mCc result.msgSubject = mSubject @@ -130,6 +143,13 @@ proc createMessage*(mSubject, mBody: string, mTo, mCc: seq[string], proc createMessage*(mSubject, mBody: string, mTo, mCc: seq[string] = @[]): Message = ## Alternate version of the above. + ## + ## You need to make sure that ``mSubject``, ``mTo`` and ``mCc`` don't contain + ## any newline characters. Failing to do so will raise ``AssertionDefect``. + doAssert(not mSubject.contains({'\c', '\L'}), + "'mSubject' shouldn't contain any newline characters") + doAssert(not (mTo.containsNewline() or mCc.containsNewline()), + "'mTo' and 'mCc' shouldn't contain any newline characters") result.msgTo = mTo result.msgCc = mCc result.msgSubject = mSubject @@ -247,6 +267,11 @@ proc sendMail*(smtp: Smtp | AsyncSmtp, fromAddr: string, ## Sends ``msg`` from ``fromAddr`` to the addresses specified in ``toAddrs``. ## Messages may be formed using ``createMessage`` by converting the ## Message into a string. + ## + ## You need to make sure that ``fromAddr`` and ``toAddrs`` don't contain + ## any newline characters. Failing to do so will raise ``AssertionDefect``. + doAssert(not (toAddrs.containsNewline() or fromAddr.contains({'\c', '\L'})), + "'toAddrs' and 'fromAddr' shouldn't contain any newline characters") await smtp.debugSend("MAIL FROM:<" & fromAddr & ">\c\L") await smtp.checkReply("250") |