On Thu, Jul 24, 2003 at 05:47:46PM +0100, John Haxby wrote:
There's a limit of 998 bytes per line in RFC2822, but subjects can be folded over several lines. RFC2822 doesn't specify a limit and I don't think it needs to ...
Which leads me to wonder how different MTAs handle the issue. Anyone
else see room for a buffer overflow here?
Given badly written software, yes, plenty of scope :-) However, things like sendmail can safely deal with long subjects a line at a time (the subject is copied directly to a queue file as it arrives) which helps a lot. UAs and whatnot are helped by knowing that they'll never have a very long line and can be written bearing that in mind.
RFC2821 and RFC2821 address buffer overrun issues in the protocol description which, provided that implementors actually read the standards, will help a lot.
jch
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
