Bug#960062: libemail-mime-perl: DoS on excessive or deeply nested parts
Perl Email user
p5p at yhbt.net
Fri May 8 22:58:27 BST 2020
Package: libemail-mime-perl
Version: 1.946-1
Severity: important
Tags: upstream
Messages with too many tiny MIME parts can OOM on split().
Messages with many nested MIME parts can also fail on deep
recursion (Email::MIME->new calls ->subparts, ->subparts calls
->new, ad infinitum).
Smallish messages can generate these, since a boundary
only needs to be 4 bytes "--a\n" and the header+body of
each part can just be 4 bytes "x:y\n\n", too.
Perl takes 42 bytes to represent a 4 byte string on 64-bit:
    use feature 'say'; use Devel::Size; say Devel::Size::total_size("--\n\n");
This affects many other MIME parsers, too.
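
One way to guard against both failure modes before calling Email::MIME->new, as an added example that is not part of the original report or of Email::MIME: a single linear pass over the raw message that counts part delimiters and tracks multipart nesting, and stops as soon as a limit is exceeded. The name mime_shape_ok, the %LIMIT defaults and the sample message are assumptions made for illustration; the scan approximates MIME structure (it does not handle RFC 2231 parameter continuations).

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed default limits (not from the bug report); tune to your mail flow.
my %LIMIT = (parts => 1000, depth => 20);

# One linear pass over the raw message; no list of parts is ever built.
# Returns (ok, parts_seen, max_depth); ok is 0 once a limit is exceeded.
sub mime_shape_ok {
    my ($raw, %limit) = @_;               # $raw: reference to the message
    %limit = (%LIMIT, %limit);
    my @stack;                            # boundaries of open multiparts
    my ($parts, $max_depth, $in_header, $hdr) = (0, 0, 1, '');
    pos($$raw) = 0;
    while (pos($$raw) < length($$raw) && $$raw =~ /\G([^\n]*)\n?/gc) {
        (my $line = $1) =~ s/\s+\z//;     # drop CR and trailing blanks
        my ($lvl, $close);
        for my $i (reverse 0 .. $#stack) {    # innermost boundary first
            next unless $line eq "--$stack[$i]" || $line eq "--$stack[$i]--";
            ($lvl, $close) = ($i, $line ne "--$stack[$i]");
            last;
        }
        if (defined $lvl) {
            $#stack = $close ? $lvl - 1 : $lvl;   # discard unclosed children
            $in_header = !$close;
            next if $close;
            $hdr = '';
            return (0, $parts, $max_depth) if ++$parts > $limit{parts};
            next;
        }
        next unless $in_header;
        if ($line ne '') {                # unfold continuation lines
            $hdr .= ($line =~ /\A[ \t]/ ? '' : "\n") . $line;
            next;
        }
        $in_header = 0;                   # blank line: headers are complete
        next unless $hdr =~ m{^content-type:\s*multipart/[^\n]*?
                              \bboundary\s*=\s*(?:"([^"]+)"|([^\s;]+))}xmi;
        push @stack, defined $1 ? $1 : $2;
        $max_depth = @stack if @stack > $max_depth;
        return (0, $parts, $max_depth) if @stack > $limit{depth};
    }
    return (1, $parts, $max_depth);
}

# Constructed sample: five tiny parts, checked against a limit of three.
my $msg = join '', "Content-Type: multipart/mixed; boundary=a\n\n",
                   ("--a\nx:y\n\n") x 5, "--a--\n";
printf "ok=%d parts=%d max_depth=%d\n", mime_shape_ok(\$msg, parts => 3);
```

A caller would hand the message to the MIME parser only when the first return value is true, and reject or quarantine it otherwise.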