diff options
author | Leah Neukirchen <leah@vuxu.org> | 2017-12-05 16:59:31 +0100 |
---|---|---|
committer | Leah Neukirchen <leah@vuxu.org> | 2017-12-05 16:59:31 +0100 |
commit | ba4a0cf589d4465d5217cc24b4d3dd0857f6cb0e (patch) | |
tree | f8021dde4f88924095b2fe611032bbddde87c533 | |
parent | 4d404753642db08df0d86876845b96ba0ea3b0c5 (diff) | |
download | mblaze-ba4a0cf589d4465d5217cc24b4d3dd0857f6cb0e.tar.gz mblaze-ba4a0cf589d4465d5217cc24b4d3dd0857f6cb0e.tar.xz mblaze-ba4a0cf589d4465d5217cc24b4d3dd0857f6cb0e.zip |
rfc2047: blaze822_decode_rfc2047: don't decode encoded-words that contain NUL bytes
This is a lax interpretation of RFC 2047, 4.5: > Only printable and white space character data should be encoded using > this scheme. However, since these encoding schemes allow the > encoding of arbitrary octet values, mail readers that implement this > decoding should also ensure that display of the decoded data on the > recipient's terminal will not cause unwanted side-effects. Since many of the code that deals with header values does not support inline NUL bytes, it's best to not decode them here. We check for this after iconv, so quoted-printable UTF-32 e.g. should be safe. Also see https://www.mailsploit.com/
-rw-r--r-- | rfc2047.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/rfc2047.c b/rfc2047.c index c152922..ab65772 100644 --- a/rfc2047.c +++ b/rfc2047.c @@ -132,7 +132,7 @@ blaze822_decode_rfc2047(char *dst, char *src, size_t dlen, char *tgtenc) char *b = src; - // use memmem + // XXX use memmem char *s = strstr(src, "=?"); if (!s) goto nocodeok; @@ -233,6 +233,9 @@ blaze822_decode_rfc2047(char *dst, char *src, size_t dlen, char *tgtenc) } } + if (memchr(dst, 0, dlen)) + goto nocode; + while (!partial && declen && dlen) { *dst++ = *dec++; declen--; |