Update of mhonarc/MHonArc/lib
Modified Files:
mhtxthtml.pl
Log Message:
Bug #32013, #32014: Reject any HTML message that has nested tag markup.
Example: <bo<body>dy>
This should address both security items related to XSS and DoS.
======================================================================
FILE: mhonarc/MHonArc/lib/mhtxthtml.pl
<http://www.mhonarc.org/cgi-bin/viewcvs.cgi/*checkout*/mhonarc/MHonArc/lib/mhtxthtml.pl?rev=2.38>
<http://www.mhonarc.org/cgi-bin/viewcvs.cgi/mhonarc/MHonArc/lib/mhtxthtml.pl.diff?r1=2.37&r2=2.38&diff_format=h>
--- mhtxthtml.pl 2 May 2005 00:04:39 -0000 2.37
+++ mhtxthtml.pl 30 Dec 2010 20:52:25 -0000 2.38
@@ -113,4 +113,14 @@
$args = '' unless defined $args;
+ # Bug-32013 (CVE-2010-4524): Invalid tags cause immediate rejection.
+ # Bug-32014 (CVE-2010-1677): Prevents DoS if massively nested.
+ if ($$data =~ /<[^>]*</) {
+ warn qq/\n/,
+ qq/Warning: Invalid HTML detected, rejecting\n/,
+ qq/ Message-Id: <$mhonarc::MHAmsgid>\n/,
+ qq/ Message Number: $mhonarc::MHAmsgnum\n/;
+ return undef;
+ }
+
## Check if content-disposition should be checked
if ($args =~ /\battachcheck\b/i) {
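Review bot: the new rejection regex `/<[^>]*</` is broader than "nested tag markup": it also fires on any unescaped `<` that precedes a later `<` without an intervening `>`, for example `if (a < b) {` inside a `<script>` block or `<!-- a < b -->` in a comment, so well-formed messages with such content will be dropped as "Invalid HTML" rather than archived. Given the XSS/DoS goal that trade-off is reasonable, but it should be stated in the comment and in the user documentation, and the warning is currently the only trace an operator gets; consider making the reason explicit in the message, e.g. `qq/Warning: Invalid HTML detected (nested or unterminated tag), rejecting\n/`. Also confirm that every caller of this filter handles the new `return undef` path, since the function previously always returned a string.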