Heya,

we are seeing some strange issues with IMAP ID command using latest Roundcube builds on dovecot 2.2.10 responding "Input buffer full, aborting".

Roundcube webmail connects to IMAP server and issues ID command first with some long arguments to ID command, however shorter than 1024 octets, which are specified in RFC2971 for ID IMAP extension.

The situation is easily reproducible (see http://pastebin.com/q4HX4wqb):
# telnet hostname 143
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Server ready. . ID ("name" "Roundcube" "version" "1.0-git" "php" "5.3.3" "os" "Linux" "command" "<$long_less_than_1024_octets_string>")
* BYE Input buffer full, aborting

However, this problem does not occur when user is already logged in.

RFC2971 is saying "Field strings MUST NOT be longer than 30 octets. Value strings MUST NOT be longer than 1024 octets. Implementations MUST NOT send more than 30 field-value pairs."

IMHO, dovecot is handling ID command before successful login successfully only if the length of the whole command is less than 1024 octets (exactly 861 octets is working fine, over that "Input buffer full" occurs).

I tried finding the reference in the source code, however I am unable to find where this limit actually occurs (maybe IMAP_ARG_STRING imap_arg->type?)

thank you in advance,

regards, Jernej

Reply via email to