Bug 7467 - RFC 2231 section 3: Parameter Value Continuations
Summary: RFC 2231 section 3: Parameter Value Continuations
Status: NEW
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Libraries (show other bugs)
Version: 3.4 SVN branch
Hardware: PC Linux
: P2 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-09-01 00:07 UTC by Karsten Bräckelmann
Modified: 2018-08-28 04:45 UTC (History)
1 user (show)



Attachment Type Modified Status Actions Submitter/CLA Status

Note You need to log in before you can comment on or make changes to this bug.
Description Karsten Bräckelmann 2017-09-01 00:07:45 UTC
The fix for bug 7453 was merely cosmetic, eliminating warnings from the logs. The underlying issue is that we didn't properly get the filename from the MIME headers.

M::SA::Util.pm parse_content_type() handled plain parameter values only and did not detect and join numbered sections.

Revision 1806879 implements support for MIME parameter value continuations. Not in the general case though, but specifically for the filename value, which is actually used by plugins and rules.

Sending        SpamAssassin/Util.pm
Committed revision 1806879.

As per the RFC, gaps in the sequence are not allowed. Handling them anyway prevents an easy attack to flood logs with gazillions of "uninitialized value" warnings".
Comment 1 Karsten Bräckelmann 2017-09-01 00:11:16 UTC
Also backporting to the stable 3.4 branch. Despite the changes to Util.pm, safe enough and reasonably easy to do.

Sending        lib/Mail/SpamAssassin/Util.pm
Committed revision 1806880.
Comment 2 Kevin A. McGrail 2018-08-28 04:45:18 UTC
Is this resolved?