james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefano Bagnara (JIRA)" <server-...@james.apache.org>
Subject [jira] Updated: (MIME4J-57) Add a max limit to header length for parsing.
Date Wed, 06 Aug 2008 15:00:44 GMT

     [ https://issues.apache.org/jira/browse/MIME4J-57?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Stefano Bagnara updated MIME4J-57:

    Fix Version/s:     (was: 0.4)

> Add a max limit to header length for parsing.
> ---------------------------------------------
>                 Key: MIME4J-57
>                 URL: https://issues.apache.org/jira/browse/MIME4J-57
>             Project: Mime4j
>          Issue Type: Bug
>    Affects Versions: 0.3
>            Reporter: Stefano Bagnara
>             Fix For: 0.5
> MIME4J-55 showed issues with very long multipart mime boundary.
> It has been fixed by having the buffer size depending on the boundary length. This create
possible issues (OOM/DoS) with malicious messages.
> It would be good to define a maximum length for an header.
> Somewhere in mime rfc or smtp rfc there is a maximum of 998+CRLF ascii bytes per line,
of course we may want to support longer headers, but not very long ones.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org

View raw message