You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/02/12 04:48:08 UTC

[Bug 3034] New: header line corruption when empty header starts with a blank

http://bugzilla.spamassassin.org/show_bug.cgi?id=3034

           Summary: header line corruption when empty header starts with a
                    blank
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P5
         Component: spamc/spamd
        AssignedTo: spamassassin-dev@incubator.apache.org
        ReportedBy: matthias.andree@gmx.de


Hi,

I am reporting a header line corruption bug.

As the latest SVN version doesn't pass "make test" for me (and previous versions
needed LANG=C to pass "make test"), this report is against SVN revision
"2.70-r6256 (2004-01-24)" (as reported by spamc). That version passed "LANG=C
make test" before I installed it. (more details at the end)

spamc/spamd corrupt mail by running mail headers together in one line (attaching
the following line to the current) when a blank header ends in whitespace, for
instance,

Cc:
Subject: test

becomes

Cc: Subject: test

if there is a blank (ASCII 32 = 040 = 0x20) after the Cc:

Note that this is not academic, such headers are in legitimate mail in the wild,
for instance all announcements the WiN security mailing lists of the DFN-CERT
use such.

How to reproduce:
broken cases:
printf 'Cc:    \t\nSubject: subject\n\nbody' | spamc
printf 'Cc: \nSubject: subject\n\nbody' | spamc

good cases (NOTE the first one uses spamassassin, not spamc):
printf 'Cc: \nSubject: subject\n\nbody' | spamassassin
printf 'Cc:\t\nSubject: subject\n\nbody' | spamc
printf 'Cc: x \nSubject: subject\n\nbody' | spamc
printf 'Cc: x\t\nSubject: subject\n\nbody' | spamc

spamd is run as:
/usr/bin/perl -T -w /usr/bin/spamd -a -P -L -m 5

with minimal environment:
PATH=/command:/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin
PWD=/etc/servicedirs/spamassassin
SHLVL=0



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.