New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: use correct character encoding when parsing of MIME parameter value #66
Conversation
public void testNonAsciiFilename() throws MimeException { | ||
ContentDispositionField f = | ||
parse("Content-Disposition: attachment;" | ||
+ "\nfilename*0=\"=?UTF-8?Q?3-2_FORPROSJEKT_2-Sheet_-_XXX_A_2_40_?=" | ||
+ "\n=?UTF-8?Q?\";" | ||
+ "\nfilename*1=\"201_-_Fasader_nord=C3=B8st_og_nordvest.dwg?=\""); | ||
|
||
assertEquals(getMessage(f), | ||
"3-2 FORPROSJEKT 2-Sheet - XXX A 2 40 201 - Fasader nordøst og nordvest.dwg", | ||
f.getFilename()); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we get this test too for the lenient version?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sure thing, but are suggesting to move this test to LenientContentDispositionFieldTest or just replicate the same test in LenientContentDispositionFieldTest?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Replicate in my opinion.
The best way to go in the future is to have a common "contract" for both the lenient and non lenient implementations but this clearly looks like another topic to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, I agree with you
dom/src/test/java/org/apache/james/mime4j/field/LenientContentDispositionFieldTest.java
Show resolved
Hide resolved
👍 sorry for messing up. I was about to fix it.... |
Fuzzing:
Input: (in base64)
Not encoded:
Code of the Fuzzer:
Runned with jazzer and a big fat jar with dependencies. |
core/src/main/java/org/apache/james/mime4j/util/MimeParameterMapping.java
Show resolved
Hide resolved
…apping.java don't parse value if it's null Co-authored-by: Benoit TELLIER <btellier@linagora.com>
Does this need any further reviewing before merging? |
No we are good. Letting a little more time for people to review (~a week) is generally seen as a good practice within the ASF. Sorry for loosing track of this topic ;-) |
Hello, I'm proposing fixes for MIME4J-109. As suggested pull64 is closed and this one is created based on the code review. please let me know if any clarification is needed. Thanks