Summary
The NNTP OVER/XOVER range parser treats malformed range specs as broad queries. For example, parseRange("abc") currently falls back to 0..MaxInt64, so an invalid client command can request the full overview instead of receiving a syntax error.
Reproduction
Call parseRange("abc") or send OVER abc after selecting a group.
Current behavior
Malformed input is accepted and may query a very broad article range.
Expected behavior
Malformed ranges such as abc, 1-abc, -5, 10-5, and 1-2-3 should be rejected and OVER should return 501 syntax error.
Impact
Bad client input can trigger unexpectedly large overview reads and responses.
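A strict parser with the behavior the report expects, as an added example that is not the project's code. `parseRangeStrict`, `parseNum` and `ErrRangeSyntax` are hypothetical names (the project's `parseRange` signature is not shown here), and the specs in `main` are the report's malformed inputs plus constructed valid ones.

```go
package main

import (
	"errors"
	"fmt"
	"math"
	"strconv"
	"strings"
)

// ErrRangeSyntax is a hypothetical sentinel that an OVER handler maps to a 501 reply.
var ErrRangeSyntax = errors.New("501 syntax error")

// parseRangeStrict accepts only "n", "n-" and "n-m" with n <= m.
// Anything else is an error; there is no fallback to 0..MaxInt64.
func parseRangeStrict(spec string) (int64, int64, error) {
	first, rest, hasDash := strings.Cut(spec, "-")
	lo, err := parseNum(first)
	if err != nil {
		return 0, 0, err
	}
	if !hasDash {
		return lo, lo, nil // single article number
	}
	if rest == "" {
		return lo, math.MaxInt64, nil // explicit open-ended "n-"
	}
	hi, err := parseNum(rest) // "2-3" left over from "1-2-3" fails here
	if err != nil || hi < lo {
		return 0, 0, ErrRangeSyntax
	}
	return lo, hi, nil
}

// parseNum accepts decimal digits only: no sign, no spaces, no empty string.
func parseNum(s string) (int64, error) {
	n, err := strconv.ParseUint(s, 10, 63) // 63 bits keeps the value within int64
	if err != nil {
		return 0, ErrRangeSyntax
	}
	return int64(n), nil
}

func main() {
	for _, spec := range []string{"abc", "1-abc", "-5", "10-5", "1-2-3", "7", "7-", "7-9"} {
		lo, hi, err := parseRangeStrict(spec)
		fmt.Printf("%-7q lo=%d hi=%d err=%v\n", spec, lo, hi, err)
	}
}
```

The open-ended form `n-` still returns MaxInt64 as its upper bound, so a handler built on this would limit the read to the selected group's highest article number.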