Bug#971935: libperl5.30: rfc-ignorant MIME-Header can make decode() crash
Dominic Hargreaves
dom at earth.li
Sat Nov 14 16:43:38 GMT 2020
Control: tags -1 + moreinfo
On Fri, Oct 09, 2020 at 11:02:57PM -0300, eingousef wrote:
> Package: libperl5.30
> Version: 5.30.3-4
> Severity: normal
>
> Dear Maintainer,
>
> I have tried to follow the recommendations of :
>
> https://github.com/pbrisbin/mail-query/blob/master/README.md
>
> by adding
>
> set query_command= "mail-query '%s' ~/Mail/ | perl -CS -MEncode -ne 'print decode(\"MIME-Header\", $_)'"
>
> to my muttrc.
>
> Unfortunately one e-mail of my mailbox contains an iso-8859-1 header
> which is not ASCII-encoded, and it makes the command crash with the
> following output :
>
> Malformed UTF-8 character: \xe9\x62\x69 (unexpected non-continuation byte 0x62, immediately after start byte 0xe9; need 3 bytes, got 1) in substitution (s///) at /usr/lib/x86_64-linux-gnu/perl/5.30/Encode/MIME/Header.pm line 90, <> line 24. Malformed UTF-8 character (fatal) at /usr/lib/x86_64-linux-gnu/perl/5.30/Encode/MIME/Header.pm line 90, <> line 24.
>
> messing up the Mutt UI.
>
> I don't know much about perl libraries so I don't know if my report is
> relevant or not, maybe it is the expected behavior for decode() to
> trust user input.
>
> If it's not, then it should check if the string is a properly
> formatted MIME-Header bfore trying to decode it.
Based on <https://metacpan.org/pod/Encode#Handling-Malformed-Data>
and <https://metacpan.org/pod/Encode::Unicode#Error-Checking>
it's debatable whether this is a bug.
I'd like to forward this upstream for their consideration, but please
can you include a simple test case - ie an example of one of
the malformed headers?
Cheers
Dominic.
More information about the Perl-maintainers
mailing list