diff options
| author | Omar Polo <op@cvs.openbsd.org> | 2023-12-05 13:38:26 +0000 |
|---|---|---|
| committer | Omar Polo <op@cvs.openbsd.org> | 2023-12-05 13:38:26 +0000 |
| commit | 1569ec59792e33296edbe45f30a2b8a25072a33a (patch) | |
| tree | fe36326a9089208fbe94e271764843b534cd3fa8 | |
| parent | 5b119172b2b49cbf9517c8cbec344fb8ce9467da (diff) | |
reject headers that start with a space or tab
If the first header starts with a space but still contains a colon
character, it is added to the body mail effectively appending it to the
Received header due to the folding rules.
Issue reported by Crystal Kolipe
ok millert@, giovanni@
| -rw-r--r-- | usr.sbin/smtpd/rfc5322.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.sbin/smtpd/rfc5322.c b/usr.sbin/smtpd/rfc5322.c index a6f15056d59..79f55327de0 100644 --- a/usr.sbin/smtpd/rfc5322.c +++ b/usr.sbin/smtpd/rfc5322.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rfc5322.c,v 1.3 2021/06/14 17:58:16 eric Exp $ */ +/* $OpenBSD: rfc5322.c,v 1.4 2023/12/05 13:38:25 op Exp $ */ /* * Copyright (c) 2018 Eric Faurot <eric@openbsd.org> @@ -149,7 +149,8 @@ _rfc5322_next(struct rfc5322_parser *parser, struct rfc5322_result *res) case RFC5322_NONE: case RFC5322_HEADER_END: - if (line && (pos = strchr(line, ':'))) { + if (line && line[0] != ' ' && line[0] != '\t' && + (pos = strchr(line, ':'))) { len = pos - line; if (buf_grow(&parser->hdr, len + 1) == -1) return -1; |