[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] mhshow: invalid QUOTED-PRINTABLE encoding

From: Paul Fox
Subject: Re: [Nmh-workers] mhshow: invalid QUOTED-PRINTABLE encoding
Date: Mon, 20 Mar 2006 13:18:39 -0500

 > > i believe there was consensus that a) this behavior was a result
 > > of a problem with the original content encoding, and that b) the
 > > nmh decoder should be more tolerant when decoding, and simply
 > > pass mis-codings through untouched.
 > I'd have to think *real* hard about that.  I suspect that
 > passing mis-codings through without a complaint is possibly
 > setting us up for a nasty security exposure.  I'm not
 > convinced that it isn't possible to create an intentional bad
 > encoding that causes issues further down the line.

interesting.  mh certainly wouldn't be the first mailer to make
this mistake, if what you think is true.

for instance a sourceforge message i received today had these headers:
    Content-Type: text/plain; charset=ISO-8859-1
    Content-Transfer-Encoding: quoted-printable
    Content-Disposition: inline
and it contained the following URL, 

this displays in mutt as:

nmh aborts when it reaches the "=ln", and displays nothing at
all.  i wouldn't mind an error message -- it's the aborting
that's the real nuisance.

 paul fox, address@hidden (arlington, ma, where it's 29.7 degrees)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]