From 2dfdc5c6ad3de51c59e7ef24d09be43641e62f07 Mon Sep 17 00:00:00 2001
From: maminjie
Date: Sat, 27 Mar 2021 12:53:23 +0800
Subject: [PATCH] Resolve fuzz-test about ABRT error
---
 0001-Fix-bugs-in-smtp-server.patch | 40 +++++++++++++++++++
 ...ash-if-parsing-invalid-BODYSTRUCTURE.patch | 27 +++++++++++++
 dovecot.spec | 7 +++-
 3 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100644 0001-Fix-bugs-in-smtp-server.patch
 create mode 100644 0002-Fix-assert-crash-if-parsing-invalid-BODYSTRUCTURE.patch
diff --git a/0001-Fix-bugs-in-smtp-server.patch b/0001-Fix-bugs-in-smtp-server.patch
new file mode 100644
index 0000000..392c878
--- /dev/null
+++ b/0001-Fix-bugs-in-smtp-server.patch
@@ -0,0 +1,40 @@
+From a215a7d1a1c5eab40f6896fc07931a81d5504f18 Mon Sep 17 00:00:00 2001
+From: maminjie
+Date: Sat, 27 Mar 2021 11:18:23 +0800
+Subject: [PATCH] Fix bugs in smtp server
+
+reference to: https://github.com/dovecot/core/pull/120
+---
+ src/lib-smtp/smtp-server-cmd-data.c | 2 +-
+ src/lib-smtp/smtp-server-cmd-helo.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib-smtp/smtp-server-cmd-data.c b/src/lib-smtp/smtp-server-cmd-data.c
+index 2650643..a7db425 100644
+--- a/src/lib-smtp/smtp-server-cmd-data.c
++++ b/src/lib-smtp/smtp-server-cmd-data.c
+@@ -654,7 +654,7 @@ void smtp_server_cmd_bdat(struct smtp_server_cmd_ctx *cmd,
+ }
+ }
+
+- if (ret > 0 || size > 0) {
++ if (ret > 0 || (size > 0 && conn->smtp_parser)) {
+ /* read/skip data even in case of error, as long as size is
+ known */
+ input = smtp_command_parse_data_with_size(conn->smtp_parser,
+diff --git a/src/lib-smtp/smtp-server-cmd-helo.c b/src/lib-smtp/smtp-server-cmd-helo.c
+index 330ceaa..40ba328 100644
+--- a/src/lib-smtp/smtp-server-cmd-helo.c
++++ b/src/lib-smtp/smtp-server-cmd-helo.c
+@@ -155,7 +155,7 @@ smtp_server_cmd_ehlo_reply_create(struct smtp_server_cmd_ctx *cmd)
+ unsigned int extra_caps_count, i, j;
+ struct smtp_server_reply *reply;
+
+- i_assert(cmd->cmd->reg->func == smtp_server_cmd_ehlo);
++ i_assert(cmd->cmd->reg->func == smtp_server_cmd_ehlo || cmd->cmd->reg->func == smtp_server_cmd_helo);
+ reply = smtp_server_reply_create_ehlo(cmd->cmd);
+
+ if (helo_data->helo.old_smtp)
+--
+2.23.0
+
diff --git a/0002-Fix-assert-crash-if-parsing-invalid-BODYSTRUCTURE.patch b/0002-Fix-assert-crash-if-parsing-invalid-BODYSTRUCTURE.patch
new file mode 100644
index 0000000..0b5ef6f
--- /dev/null
+++ b/0002-Fix-assert-crash-if-parsing-invalid-BODYSTRUCTURE.patch
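Review bot: In the smtp-server-cmd-data.c hunk of 0001-Fix-bugs-in-smtp-server.patch, the new NULL test guards only the `size > 0` arm, so when `ret > 0` the block is still entered and `conn->smtp_parser` is passed to `smtp_command_parse_data_with_size()` unchecked. If the parser can be NULL at this point at all (the fix implies it can; the code that clears it is outside the hunk), hoisting the test covers both arms: `if (conn->smtp_parser != NULL && (ret > 0 || size > 0)) {`. The existing comment says the chunk is read/skipped even on error, so it is worth confirming that bypassing that step cannot leave BDAT payload bytes in the input stream to be parsed as commands; presumably the connection is already being torn down when the parser is gone. The body of smtp_server_cmd_bdat starts and ends outside the hunk.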
@@ -0,0 +1,27 @@
+From c4c499cb5b9fc35e8b850a9faf6b700feb3b299f Mon Sep 17 00:00:00 2001
+From: maminjie
+Date: Sat, 27 Mar 2021 11:55:31 +0800
+Subject: [PATCH] Fix assert-crash if parsing invalid BODYSTRUCTURE with empty
+ Content-Language list
+
+reference to: https://github.com/dovecot/core/commit/dd51ae09a8a688c8466e31d5b6108756d5154153
+---
+ src/lib-imap/imap-bodystructure.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/lib-imap/imap-bodystructure.c b/src/lib-imap/imap-bodystructure.c
+index a2d778f..b52af28 100644
+--- a/src/lib-imap/imap-bodystructure.c
++++ b/src/lib-imap/imap-bodystructure.c
+@@ -245,6 +245,8 @@ imap_bodystructure_strlist_parse(const struct imap_arg *arg,
+ } else {
+ if (!imap_arg_get_list_full(arg, &list_args, &list_count))
+ return -1;
++ if (list_count == 0)
++ return -1;
+
+ list = p_new(pool, const char *, list_count+1);
+ for (i = 0; i < list_count; i++) {
+--
+2.23.0
+
diff --git a/dovecot.spec b/dovecot.spec
index 077fdb2..8e34bb0 100644
--- a/dovecot.spec
+++ b/dovecot.spec
@@ -6,7 +6,7 @@ Name: dovecot
 Version: 2.3.10.1
-Release: 5
+Release: 6
 Summary: Dovecot Secure imap server
 License: MIT and LGPLv2.1
 URL: http://www.dovecot.org/
@@ -38,6 +38,8 @@ Patch6011: CVE-2020-12100-2.patch
 Patch6012: CVE-2020-25275-1.patch
 Patch6013: CVE-2020-25275-2.patch
 Patch6014: CVE-2020-24386.patch
+Patch6015: 0001-Fix-bugs-in-smtp-server.patch
+Patch6016: 0002-Fix-assert-crash-if-parsing-invalid-BODYSTRUCTURE.patch
 BuildRequires: gcc-c++ openssl-devel pam-devel zlib-devel bzip2-devel libcap-devel
 BuildRequires: libtool autoconf automake pkgconfig sqlite-devel libpq-devel
@@ -289,6 +291,9 @@ make check
 %changelog
+* Sat Mar 27 2021 maminjie - 2.3.10.1-6
+- Resolve fuzz-test about ABRT error
+
 * Fri Feb 5 2021 wangyue - 2.3.10.1-5
 - Fix CVE-2020-25275 CVE-2020-24386
-- Gitee
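Review bot: In the imap-bodystructure.c hunk of 0002-Fix-assert-crash-if-parsing-invalid-BODYSTRUCTURE.patch, the added `if (list_count == 0) return -1;` carries no comment, and its reason is not visible locally because the `p_new(pool, const char *, list_count+1)` that follows would cope with a zero count. I would add `/* an empty list is invalid here; accepting it trips an assert later (found by fuzzing) */` above the check. imap_bodystructure_strlist_parse looks like a shared string-list helper, so the rejection presumably applies to every field parsed through it and not only Content-Language; the comment or the patch description should say so. The function body starts and ends outside the hunk.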