diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2014-07-14 14:13:22 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2014-07-14 14:18:57 +0100 |
commit | 1bd0d12bcbf4f51bd78c60d5bae01f1ff38c5a84 (patch) | |
tree | 198cdbeea2f230c3e7c97d211fa2ea99a273df9a | |
parent | 9852336a0e497e2f2ef5e12919ac602defef957b (diff) |
Fix parsing of mime headers
RFC2045 allows parameter values to be quoted; an embedded semicolon
must then not terminate the parameter.
-rw-r--r-- | doc/doc-txt/ChangeLog | 2 | ||||
-rw-r--r-- | src/src/mime.c | 15 |
2 files changed, 12 insertions, 5 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 8dda80a10..770b106a5 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -148,6 +148,8 @@ PP/02 Fix internal collision of T_APL on systems which support RFC3123 by renaming away from it. Addresses GH issue 15, reported by Jasper Wallace. +JH/28 Fix parsing of MIME headers for parameters with quoted semicolons. + Exim version 4.82 ----------------- diff --git a/src/src/mime.c b/src/src/mime.c index 7c6d23df9..2233dacf6 100644 --- a/src/src/mime.c +++ b/src/src/mime.c @@ -391,11 +391,11 @@ int mime_get_header(FILE *f, uschar *header) { /* we have hit a non-whitespace char, start copying value data */ header_value_mode = 2; - /* skip quotes */ - if (c == '"') continue; + if (c == '"') /* flip "quoted" mode */ + header_value_mode = header_value_mode==2 ? 3 : 2; - /* leave value mode on ';' */ - if (c == ';') { + /* leave value mode on unquoted ';' */ + if (header_value_mode == 2 && c == ';') { header_value_mode = 0; }; /* -------------------------------- */ @@ -570,7 +570,12 @@ int mime_acl_check(uschar *acl, FILE *f, struct mime_boundary_context *context, if (strncmpic(mime_parameter_list[j].name,p,mime_parameter_list[j].namelen) == 0) { uschar *q = p + mime_parameter_list[j].namelen; /* yes, grab the value and copy to its corresponding expansion variable */ - while(*q != ';') q++; + while (*q && *q != ';') + { + if (*q == '"') do q++; while (*q != '"'); + q++; + } + param_value_len = (q - (p + mime_parameter_list[j].namelen)); param_value = (uschar *)malloc(param_value_len+1); memset(param_value,0,param_value_len+1); |