/ help / lists / applications / search /
|molar.is > lists > anomy-list > 2003-06||/ threads / authors / dates / subjects /|
Re: 1.60 fooled by spaces in MIME headers: W32/Holar.h@MM wormFrom: Robin Whittle (email@example.com)
Date: Mon 02 Jun 2003 - 05:47:36 GMT
Thanks Bjarni! I did this to line 468:
> To implement it, search MIMEStream.pm for this line:
This correctly finds the file name in all 16 test cases - thereby
I also tested this:
Content-Type: application/octet-stream; NaME ==== "
and it worked fine!
*** Attached file dropped ***
I guess the problem is how tolerent of malformed MIME headers
For instance would some clients be so "helpful" as to use the second
I tried a message with both lines like this:
With the above patch, Anomy Sanitizer reports everything in the quotes
I suppose in a world where people have spaces in filenames, this is
If I reverse it:
Anomy Sanitizer does not drop it - it passes it with the lines changed
which would alter any name with a space in it.
This should not lead to any security trouble, since its the final
Here is a potential problem. If I make both filenames:
and set bit of the last 'e', then Anomy Sanitizer does not recognise
If I set bit 7 of just one or the other instance of the filename,
What if the file name was:
Where ~ is some whacky character like a backspace?
Anomy Santizer does not see it as an .exe. and the backspace is turned
But if that '~' is an 0x0A . . . Anomy Sanitizer does not see it as
This looks wrong. The same thing happens if there is no space and
Here's another attempt: I make the filename this, with no space
Anomy Sanitizer passes it and makes it:
This seems fine.