Philip Guenther <guenther(_at_)gac(_dot_)edu> wrote:
era eriksson <era(_at_)iki(_dot_)fi> writes:
I'm on a spam forwarding list* and the other day -- about a week ago
-- there was a message which came in from this list which would make
Procmail dump core. ...
coredump, as procmail will do that expansion in a LINEBUF buffer
and your recipe will choke. Note that the following recipe has such
a problem:
TO=`formail -xTo:`
:0
|foo $TO
while this one doesn't:
TO=`formail -xTo:`
:0
|foo $TO;
Well... Not exactly. The second one will not dump core, but will not
function as desired either. In the TO assignment, procmail will
not overflow LINEBUF, but will simply truncate the output.
The expansion in the action line is done by the shell, so it doesn't
have any limits, but by then, the text in the TO variable has already
been truncated.
Yes, this theoretically (I've never heard of it being done) could
result in someone being able to break into your account by sending you
a wacky binary message that'll make procmail do Bad Things. For this
Yes, but only if you do things like above.
reason as well as the prevention of those annoying coredumps, I think
procmail should do some buffer checks while expanding. Yeah, Stephen,
It does, now, but lazily and therefore sometimes too late.
--
Sincerely,
srb(_at_)cuci(_dot_)nl
Stephen R. van den Berg (AKA BuGless).
This signature third word omitted, yet is comprehensible.