Re: [Exim] verify=header_syntax Buffer overflow (CAN-2004-04…

Góra strony
Delete this message
Reply to this message
Autor: Exim User's Mailing List
Data:  
Dla: Exim User's Mailing List
Temat: Re: [Exim] verify=header_syntax Buffer overflow (CAN-2004-0400)
[ On Thursday, May 6, 2004 at 16:37:06 (+0100), Philip Hazel wrote: ]
> Subject: Re: [Exim] verify=header_syntax Buffer overflow (CAN-2004-0400)
>
> > My suspicion is that Some Other MTA (tm) allows it, just like it allows
> > spaces between the name and the colon in alias files.
>
> Thanks to google, I found it in an online Sendmail manual at


The requirement actually dates back over a quarter of a century to the
long obsolete RFC 733. RFC 822 (itself almost 22 years old and also now
obsolete as well) explicitly did not allow any linear whitespace either
in or after the field name, yet for some unknown reason the authors of
RFC 2822 found some reason to _partially_ resurrect it again (though as
a deprecated feature which "MUST NOT" be generated but which "MUST" be
accepted) (i.e. to allow LWSP-chars only _after_ the field name and
prior to the colon):

[[ RFC 733 ]]
c. Field-names

    To aid in the creation and reading of field-names,  the  free
    insertion  of  LWSP-chars  is  allowed in  reasonable places.


    Rather than obscuring the syntax specification for field-name
    with  the explicit syntax for these LWSP-chars, the existence
    of a "lexical" analyzer is assumed.  The analyzer  interprets
    the  text  which  comprises  the  field-name as a sequence of
    field-name atoms (fnatoms) separated by LWSP-chars


    Note that ONLY LWSP-chars may occur between the fnatoms of  a
    field-name and that CRLFs may NOT.  In addition, comments are
    NOT lexically recognized, as such, but parenthesized  strings
    are  legal  as  part  of  field-names.  These constraints are
    different from what is permissible  within  structured  field
    bodies.   In  particular,  this means that header field-names
    must wholly occur on the FIRST line of a folded  header  item
    and may NOT be split across two or more lines.


[[ RFC 822 ]]
     C.1.1.  FIELD NAMES


        These now must be a sequence of  printable  characters.   They
        may not contain any LWSP-chars.


--
                        Greg A. Woods


+1 416 218-0098                  VE3TCP            RoboHack <woods@???>
Planix, Inc. <woods@???>          Secrets of the Weird <woods@???>