[exim-dev] [Bug 466] RFC 2231 support in MIME scanning

Inizio della pagina
Delete this message
Reply to this message
Autore: Git Commit
Data:  
To: exim-dev
Oggetto: [exim-dev] [Bug 466] RFC 2231 support in MIME scanning
------- You are receiving this mail because: -------
You are the QA contact for the bug.

http://bugs.exim.org/show_bug.cgi?id=466




--- Comment #5 from Git Commit <git@???> 2015-04-26 17:17:07 ---
Git commit:
http://git.exim.org/exim.git/commitdiff/627d1a1b61d9c535835221afcbe1b9cd6548cd3b

commit 627d1a1b61d9c535835221afcbe1b9cd6548cd3b
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sun Apr 26 16:25:11 2015 +0100
Commit:     Jeremy Harris <jgh146exb@???>
CommitDate: Sun Apr 26 16:25:11 2015 +0100


    MIME: recode 2231-to-2047 safely.  Bug 466


    The original expansion was vulnerable to odd filenames.
---
 src/src/mime.c |   32 +++++++++++++++++++++++++++-----
 1 files changed, 27 insertions(+), 5 deletions(-)


diff --git a/src/src/mime.c b/src/src/mime.c
index aeab33d..6bffa78 100644
--- a/src/src/mime.c
+++ b/src/src/mime.c
@@ -543,6 +543,32 @@ return s;
}


+static uschar *
+rfc2231_to_2047(const uschar * fname, const uschar * charset, int * len)
+{
+int size = 0, ptr = 0;
+uschar * val = string_cat(NULL, &size, &ptr, US"=?", 2);
+uschar c;
+
+val = string_cat(val, &size, &ptr, charset, Ustrlen(charset));
+val = string_cat(val, &size, &ptr, US"?Q?", 3);
+
+while ((c = *fname))
+  if (c == '%' && isxdigit(fname[1]) && isxdigit(fname[2]))
+    {
+    val = string_cat(val, &size, &ptr, US"=", 1);
+    val = string_cat(val, &size, &ptr, ++fname, 2);
+    fname += 2;
+    }
+  else
+    val = string_cat(val, &size, &ptr, fname++, 1);
+
+val = string_cat(val, &size, &ptr, US"?=", 2);
+val[*len = ptr] = '\0';
+return val;
+}
+
+
 int
 mime_acl_check(uschar *acl, FILE *f, struct mime_boundary_context *context,
     uschar **user_msgptr, uschar **log_msgptr)
@@ -689,11 +715,7 @@ while(1)
                else
                  p = q;


-               temp_string = expand_string(string_sprintf(
-                 "=?%s?Q?${sg{%s}{\\N%%([\\dA-Fa-f]{2})\\N}{=\\$1}}?=",
-                 mime_filename_charset, p));
-               slen = Ustrlen(temp_string);
-
+               temp_string = rfc2231_to_2047(p, mime_filename_charset, &slen);
                temp_string = rfc2047_decode(temp_string, FALSE, NULL, 32,
                  NULL, &err_msg);
                size = Ustrlen(temp_string);



--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email