<<< Date Index >>>     <<< Thread Index >>>

[PATCH] Detect corrupted content-length in Maildirs



Maildirs with corrupted content-length headers can lead to even more
corruption when mails are copied. In my scenario, I was copying e-mails
from a Maildir to an MMDF file. There was one input mail with an invalid
content-length header, making it appear to end with "\n-" (the beginning
of a MIME boundary). The output MMDF file was then written with a
separator of "\n-\x01\x01\x01\x01", making it invalid and Mutt
righteously complained about a corrupted file when opening it.

This patch tries to detect such cases and logs them to the debug log
(similar to a content-length check for mbox files).

Signed-off-by: Michael Hanselmann

---
--- mutt-1.5.20hg.orig/mh.c     2010-08-12 01:07:45.687720919 +0200
+++ mutt-1.5.20hg/mh.c  2010-08-12 02:12:06.099671155 +0200
@@ -659,6 +659,15 @@
     if (!h->received)
       h->received = h->date_sent;
 
+    if (h->content->length > 0 &&
+       (h->content->offset + h->content->length) != st.st_size)
+    {
+      dprint (1, (debugfile, "maildir_parse_message: bad content-length "
+                            "in message %d (cl=" OFF_T_FMT ")\n",
+                 h->index, h->content->length));
+      h->content->length = -1;
+    }
+
     if (h->content->length <= 0)
       h->content->length = st.st_size - h->content->offset;