summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2014-07-14 14:13:22 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2014-07-14 14:18:57 +0100
commit1bd0d12bcbf4f51bd78c60d5bae01f1ff38c5a84 (patch)
tree198cdbeea2f230c3e7c97d211fa2ea99a273df9a
parent9852336a0e497e2f2ef5e12919ac602defef957b (diff)
Fix parsing of mime headers
RFC2045 allows parameter values to be quoted; an embedded semicolon must then not terminate the parameter.
-rw-r--r--doc/doc-txt/ChangeLog2
-rw-r--r--src/src/mime.c15
2 files changed, 12 insertions, 5 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 8dda80a10..770b106a5 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -148,6 +148,8 @@ PP/02 Fix internal collision of T_APL on systems which support RFC3123
by renaming away from it. Addresses GH issue 15, reported by
Jasper Wallace.
+JH/28 Fix parsing of MIME headers for parameters with quoted semicolons.
+
Exim version 4.82
-----------------
diff --git a/src/src/mime.c b/src/src/mime.c
index 7c6d23df9..2233dacf6 100644
--- a/src/src/mime.c
+++ b/src/src/mime.c
@@ -391,11 +391,11 @@ int mime_get_header(FILE *f, uschar *header) {
/* we have hit a non-whitespace char, start copying value data */
header_value_mode = 2;
- /* skip quotes */
- if (c == '"') continue;
+ if (c == '"') /* flip "quoted" mode */
+ header_value_mode = header_value_mode==2 ? 3 : 2;
- /* leave value mode on ';' */
- if (c == ';') {
+ /* leave value mode on unquoted ';' */
+ if (header_value_mode == 2 && c == ';') {
header_value_mode = 0;
};
/* -------------------------------- */
@@ -570,7 +570,12 @@ int mime_acl_check(uschar *acl, FILE *f, struct mime_boundary_context *context,
if (strncmpic(mime_parameter_list[j].name,p,mime_parameter_list[j].namelen) == 0) {
uschar *q = p + mime_parameter_list[j].namelen;
/* yes, grab the value and copy to its corresponding expansion variable */
- while(*q != ';') q++;
+ while (*q && *q != ';')
+ {
+ if (*q == '"') do q++; while (*q != '"');
+ q++;
+ }
+
param_value_len = (q - (p + mime_parameter_list[j].namelen));
param_value = (uschar *)malloc(param_value_len+1);
memset(param_value,0,param_value_len+1);