bug-mailutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-mailutils] IMAP4D: Incorrect FETCH reply if message contains ascii


From: Jordi Mallach
Subject: [bug-mailutils] IMAP4D: Incorrect FETCH reply if message contains ascii NUL character
Date: Sat, 4 Nov 2006 14:49:25 +0100
User-agent: Mutt/1.5.13 (2006-08-11)

Hello,

This was reported against Debian a while ago, but I think I never
forwarded it here. Bad Jordi!

It seems imap4d won't perform correctly if it encounters a message with
the NUL character. I'm pasting Thomas Becket's original bug report
below:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361354


will print a correct message count in {} in the reply, but then in the
message itself, printing of the message will stop with the character
before the ASCII NUL, and then the terminating ) is printed, followed
by
30 OK UID FETCH Completed

The problem seems pretty obvious: the code that reads and prints the
message into the reply is fooled by NULs because it is using C strings
to hold the data.

I have marked this bug report grave because spam is extremely common in
this sad world, and spam often includes such NUL characters.  This
prevents the use of imap4d with any such mail spool, rendering the
tool unusable.

In the message where I saw this, the NUL character was within a MIME
block, with type text/plain and encoding base64; the NUL occurred at the
end of the last line of the block, before the concluding boundary line.

The problem occurs as well if a "FETCH 27 BODY[TEXT]" command is used
(not surprisingly).

Clearly the bug is in fetch_io, in imap4d/fetch.c.  We are called from
fetch_operation, where there is no partial offset, so start and end are
ULONG_MAX.  The first main loop for fetch_io is the one chosen, and max
is set correctly (because the size printed between {} I know to be
correct).  Then we read chunks of 512 bytes at a time, and use util_send
to output them.  util_send cannot deal with chunks that have embedded
NULs.

pop3d is apparently able to handle the messages correctly.

Jordi
-- 
Jordi Mallach PĂ©rez  --  Debian developer     http://www.debian.org/
address@hidden     address@hidden     http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Attachment: signature.asc
Description: Digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]