Mailing List Archive: [Bug 3056] Distinct tags with same first letter overwrite each other

https://bugs.exim.org/show_bug.cgi?id=3056

Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED

--- Comment #6 from Jeremy Harris <jgh146exb@wizmail.org> ---
2658a023286f addresses.

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

https://bugs.exim.org/show_bug.cgi?id=3056

Simon Arlott <bugzilla.exim.simon@arlott.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |---

--- Comment #7 from Simon Arlott <bugzilla.exim.simon@arlott.org> ---
It's still ignoring [^a-z] at the beginning of a tag name, e.g. "!bh=" becomes
"bh=":
if (where == PDKIM_HDR_LIMBO)
{
/* In limbo, just wait for a tag-char to appear */
if (!(c >= 'a' && c <= 'z'))
goto NEXT_CHAR;

where = PDKIM_HDR_TAG;
}

This should only allow whitespace before the tag name begins.

It's still stripping whitespace from inside tag names, e.g. "b h=..." becomes
"bh=":
if (where == PDKIM_HDR_TAG)
if (c == '=')
{
if (Ustrcmp(string_from_gstring(cur_tag), "b") == 0)
{
*q++ = '=';
in_b_val = TRUE;
}
where = PDKIM_HDR_VALUE;
goto NEXT_CHAR;
}
else if (!isspace(c))
cur_tag = string_catn(cur_tag, p, 1);

This should retain whitespace inside a tag name so that it can be identified as
an unrecognised tag (this currently only affects "bh"). For interoperability it
may be easier to keep this as-is but document it (in case the header line is
improperly wrapped in the middle of a tag name).

This also looks wrong because it strips all whitespace inside all tag values:
if (where == PDKIM_HDR_VALUE)
{
if (c == '\r' || c == '\n' || c == ' ' || c == '\t')
goto NEXT_CHAR;

RFC 6376: "Whitespace within a value MUST be retained unless explicitly
excluded by the specific tag description."

Only tags "b", "bh" and "z" specify that whitespace must be removed. Tag "h"
allows folding whitespace around the ":" characters so it would be ok to remove
that whitespace.

It's not clear how the values of tags "a", "c", "q", "s", "d", "i", "t", "x",
and "l" should be interpreted if they contain whitespace because all of them
would be invalid values. For interoperability it may be easier to continue
stripping whitespace (in case the header line is improperly wrapped in the
middle of a tag value) otherwise the signature should be PKIM_VERIFY_INVALID.

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/