From 409d304e0aafd747997f01105c07ced36917a514 Mon Sep 17 00:00:00 2001
From: "Rob Swindell (on Debian Linux)" <rob@synchro.net>
Date: Sat, 16 Sep 2023 12:04:56 -0700
Subject: [PATCH] Fix error when client supplies invalid Base64 string during
 auth

IIRC, the error was undefined has no properties or split() is not a function,
something like that.
---
 exec/imapservice.js | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/exec/imapservice.js b/exec/imapservice.js
index 6e4c2a578e..a760bc2d4a 100644
--- a/exec/imapservice.js
+++ b/exec/imapservice.js
@@ -891,7 +891,12 @@ var unauthenticated_command_handlers = {
 				}
 				client.socket.send("+\r\n");
 				line=client.socket.recvline(10240, 1800);
-				args=base64_decode(line).split(/\x00/);
+				line=base64_decode(line);
+				if(!line) {
+					tagged("NO", "Wrong format");
+					return;
+				}
+				args=line.split(/\x00/);
 				if(args === null || (!login(args[1],args[2]))) {
 					tagged(tag, "NO", "No AUTH for you.");
 					return;
@@ -904,7 +909,12 @@ var unauthenticated_command_handlers = {
 				challenge = '<'+random(2147483647)+"."+time()+"@"+system.host_name+'>';
 				client.socket.send("+ "+base64_encode(challenge)+"\r\n");
 				line=client.socket.recvline(10240, 1800);
-				args=base64_decode(line).split(/ /);
+				line=base64_decode(line);
+				if(!line) {
+					tagged("NO", "Wrong format");
+					return;
+				}
+				args=line.split(/ /);
 				un = system.matchuser(args[0], false);
 				if (un == 0) {
 					tagged(tag, "NO", "No AUTH for you.");
-- 
GitLab