| commit | d53396df1eef85b406935c7424603300b2dc2285 | |
| author | Steffen Nurpmeso <steffen@sdaoden.eu> | |
| Mon, 21 Mar 2022 15:27:57 +0000 (21 16:27 +0100) | ||
| committer | Steffen Nurpmeso <steffen@sdaoden.eu> | |
| Mon, 21 Mar 2022 15:29:08 +0000 (21 16:29 +0100) | ||
| tree | dcb263bb2bc87200907389d0717251314ef38b4b | treesnapshot (tar.gz zip) |
| parent | ceac5fe93c4e941d3cfc81bca0ef0790e84cd871 | commitdiff |
mime_fromhdr(): FIX crash in crafted mail (since ~2013)..
In the MIME code that drives me mad, and that i mostly did not
look into after 2014, i introduced a bug in about 2013 that causes
SIGSEGV for malicious RFC 2047 parameters.
Heirloom mailx does not crash here, but an address sanitizer may
possibly stumble by a byte, if the glance was right.
This all needs to be rewritten. The question is when.
(I have not looked yet, but i hope that the RFC 2231 that i have
written from scratch (and that also needs at least a LOFI rewrite)
has test cases for this. I bite in my back if it has such a bug.)
In the MIME code that drives me mad, and that i mostly did not
look into after 2014, i introduced a bug in about 2013 that causes
SIGSEGV for malicious RFC 2047 parameters.
Heirloom mailx does not crash here, but an address sanitizer may
possibly stumble by a byte, if the glance was right.
This all needs to be rewritten. The question is when.
(I have not looked yet, but i hope that the RFC 2231 that i have
written from scratch (and that also needs at least a LOFI rewrite)
has test cases for this. I bite in my back if it has such a bug.)
| src/mx/mime.c | diffblobblamehistory |