[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] Weird behavior with non-ascii code in headers

From: David Levine
Subject: Re: [Nmh-workers] Weird behavior with non-ascii code in headers
Date: Sat, 29 Jun 2013 10:41:29 -0400

> >In general, I don't think the question is easy to answer.
> >What if an attacker, or mistake, moves the divider
> >between the display name and angle address?  And it's
> >even more complicated because an "address" can be an nmh
> >alias.

> I am trying to envision this attack you describe, and I am
> having a hard time.

There's a difference between "having a hard time" and
"knowing that it cannot possibly happen".  You may be right,
but I'd like to see a stronger statement.  If there's some
doubt, then I don't think it's worth the risk.  This
shouldn't occur often, and I don't see any problem with
letting the user deal with it.

> Secondly ... I am actually skeptical that this could even be
> considered an attack vector.  Assuming no buffer overflows,
> what, exactly, would an attacker be trying to accomplish?

I don't see what buffer overflows have to do with anything
here, not all attacks require them.  And motivations are of
no concern to me:  if it can happen and it's undesired
behavior, we've done something wrong.  Even if it can happen
by mistake.  And if it can happen by mistake, it can happen
with intent.

An "attack" doesn't have to be malicious, it can be
user/programmer/whoever error.

My concern is that something like boss=?utf8?Q?=2cX=excluded,
where X is a invalid UTF byte, will get converted to
boss=?utf8?Q?=2c?=excluded, which is a legal encoding of
boss,excluded.  If you can guarantee that kind of thing won't
ever happen in an nmh draft, great.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]