CVE-2019-11500 and mail/dovecot (Dovecot 1.2)

[Edgar Fuß <ef%math.uni-bonn.de@localhost>]

In case anybody else is still using mail/dovecot, i.e. Dovecot 1.2,
here is a patch for CVE-2019-11500 I made based on the fix for the 2.2 branch.

$NetBSD: patch-src_lib-imap_imap-parser.c

Fix for CVE-2019-11500.
Adapted from commits 8639e532f18c330f87daeedbd0667c947c970cc6, 8ba8007a1278808febd646ba2e9c4d72f91b7011 and 0270102a8aed69ed899bd138afa9b789501cbdb1.

--- src/lib-imap/imap-parser.c.orig	2010-01-25 00:14:17.000000000 +0100
+++ src/lib-imap/imap-parser.c	2019-08-30 19:24:51.007868015 +0200
@@ -196,10 +196,8 @@ static void imap_parser_save_arg(struct 
 
 		/* remove the escapes */
 		if (parser->str_first_escape >= 0 &&
-		    (parser->flags & IMAP_PARSE_FLAG_NO_UNESCAPE) == 0) {
-			/* -1 because we skipped the '"' prefix */
-			str_unescape(str + parser->str_first_escape-1);
-		}
+		    (parser->flags & IMAP_PARSE_FLAG_NO_UNESCAPE) == 0)
+			(void)str_unescape(str);
 		arg->_data.str = str;
 		break;
 	case ARG_PARSE_LITERAL_DATA:
@@ -286,6 +284,11 @@ static int imap_parser_read_string(struc
 			break;
 		}
 
+		if (data[i] == '\0') {
+			parser->error = "NULs not allowed in strings";
+			return FALSE;
+		}
+
 		if (data[i] == '\\') {
 			if (i+1 == data_size) {
 				/* known data ends with '\' - leave it to