D29640: Fix parsing headers with a name that is a prefix of a well-known header
Volker Krause
noreply at phabricator.kde.org
Mon May 11 16:33:20 BST 2020
vkrause created this revision.
Herald added a project: KDE PIM.
Herald added a subscriber: kde-pim.
vkrause requested review of this revision.
REVISION SUMMARY
That is, we ended up handling e.g. "Repl:" as "Reply-To:" here, and thus
this can have side-effects on application behavior such as determining who
to send a reply to. As this might allow bypasses of mechanisms that sign
certain subsets of relevant headers, this is rather problematic.
This is caused by only checking the length of the input string, but not
the length of the expected string for the name comparison.
Thanks to Marcus Brinkmann for discovering this.
REPOSITORY
R180 PIM: KMime
BRANCH
release/20.04
REVISION DETAIL
https://phabricator.kde.org/D29640
AFFECTED FILES
autotests/data/mails/reply-header.mbox
autotests/messagetest.cpp
autotests/messagetest.h
src/kmime_headerfactory.cpp
To: vkrause
Cc: kde-pim, fbampaloukas, dvasin, rodsevich, winterz, vkrause, mlaurent, knauss, dvratil
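The comparison flaw described in the revision summary, as an added example that is not KMime's code or part of the original message: a name check bounded only by the input length sits beside one that also requires the lengths to agree. The function names, the header table and the sample line are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstddef>
#include <cstdio>
#include <cstring>

// Flawed comparison: bounded only by the length of the input name, so any
// case-insensitive prefix of `expected` ("Repl" for "Reply-To") matches.
static bool matchesInputLengthOnly(const char *name, std::size_t len, const char *expected)
{
    for (std::size_t i = 0; i < len; ++i) {
        if (expected[i] == '\0') return false; // input longer than expected
        if (std::tolower((unsigned char)name[i]) != std::tolower((unsigned char)expected[i]))
            return false;
    }
    return true;
}

// Corrected comparison: the two lengths must agree before bytes are compared.
static bool matchesExact(const char *name, std::size_t len, const char *expected)
{
    return len == std::strlen(expected) && matchesInputLengthOnly(name, len, expected);
}

// Constructed sample table of well-known header names (not KMime's own list).
static const char *const kKnown[] = {"Reply-To", "From", "To", "Cc", "Subject"};

// Returns the well-known name a raw header line maps to, or nullptr if the
// name before ':' is not well-known and must be treated as a generic header.
const char *classifyHeader(const char *line, bool strict)
{
    const char *colon = std::strchr(line, ':');
    if (!colon) return nullptr;
    const std::size_t len = static_cast<std::size_t>(colon - line);
    for (const char *known : kKnown) {
        if (strict ? matchesExact(line, len, known) : matchesInputLengthOnly(line, len, known))
            return known;
    }
    return nullptr;
}

int main()
{
    const char *line = "Repl: constructed@example.org"; // constructed sample input
    const char *loose = classifyHeader(line, false);
    const char *exact = classifyHeader(line, true);
    std::printf("input-length-only: %s\n", loose ? loose : "(generic)");
    std::printf("exact-length:      %s\n", exact ? exact : "(generic)");
    return 0;
}
```

A regression test for this class of bug should feed truncated names such as "Repl:" and assert that they are classified as generic headers, which is what a signature check over a fixed set of header names would assume.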