procmail

Re: More quoting issues affecting MIME header exploits

1998-08-01 22:04:06
John Hardin wrote,

| Another comment emailed to me this morning reminded me that it is valid to
| use line-continuation within quoted strings, so something like:
| 
|   Content-Type: ... name="AAAAAAAAAAAA
|     AAAAAAAAAAAAAAAAAAAA
|     AAAAAAAAAAAAAAAAAAAA
|     ...
|     AAAAAAAAAAAAAAAAAAAA
|     AAexploit-code-starts-here"
| 
| would be syntactically valid but would bypass my filters. I have modified
| html-trap.procmail to append a close quote on the first line, but it does
| NOT clean up the remaining lines.

John,

If you're doing it within procmail, procmail considers continuation lines
in headers as if the embedded newline were a space, and it will match . in a
regexp condition.

So, if anything, that will make procmail overcautious with long filenames,
because every break and indentation will make procmail see at least two
characters that MIME does not.

David Tamkin
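
The effect described in the reply above can be modelled outside procmail. The following is an added example, not part of the original thread and not procmail code: the function names, the 80-character limit and the sample header are constructed, and `stripped_view` is an assumption that takes the reply's statement (MIME sees neither the break nor the indentation) at face value.

```python
import re

# Constructed sample: a Content-Type header whose quoted name is folded
# across five physical lines, each continuation indented by four spaces.
SAMPLE = (
    'Content-Type: application/octet-stream; name="' + "A" * 12 + "\n"
    + ("    " + "A" * 20 + "\n") * 3
    + '    AAend"'
)

# [^"]* also matches whitespace, so the value may span folded lines.
NAME_RE = re.compile(r'name="([^"]*)"', re.IGNORECASE)


def procmail_view(header):
    """Header as the reply says procmail matches it: every embedded
    newline reads as a space and the indentation after it is kept."""
    return re.sub(r"\r?\n(?=[ \t])", " ", header)


def stripped_view(header):
    """Assumed MIME-side view (per the reply): the line break and the
    indentation that follows it contribute no characters at all."""
    return re.sub(r"\r?\n[ \t]+", "", header)


def name_length(view):
    """Length of the quoted name= value, or None if no closed quoted
    name parameter is present in this view of the header."""
    m = NAME_RE.search(view)
    return len(m.group(1)) if m else None


def too_long(header, limit=80):
    """Length check on the procmail-style view. Counting the fold
    whitespace can only overestimate, so the check errs toward flagging."""
    n = name_length(procmail_view(header))
    return n is not None and n > limit


if __name__ == "__main__":
    print("procmail-style length:", name_length(procmail_view(SAMPLE)))
    print("stripped length:      ", name_length(stripped_view(SAMPLE)))
    print("flagged at limit 80:  ", too_long(SAMPLE))
```

Each of the four folds adds one space for the newline plus four indentation characters to the procmail-style count, so a filename that is under the limit once stripped is still flagged.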