Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multipart parsing erases empty preamble #18

Closed
jbalazerpfpt opened this issue Aug 24, 2023 · 3 comments
Closed

Multipart parsing erases empty preamble #18

jbalazerpfpt opened this issue Aug 24, 2023 · 3 comments
Labels
bug Something isn't working

Comments

@jbalazerpfpt
Copy link

Under RFC 2046, a multipart body can have no preamble, or a preamble that is separated from the first boundary delimiter by a CRLF. The preamble can be empty, in which case there is a single blank line at the beginning of the multipart body before the first boundary delimiter. For such a message, Mail::Message::Body::Multipart::read will ignore the preamble, effectively erasing that blank line when the body is printed. Such modification of a message can cause message signature validation to fail.

This is how I would fix the bug, with a change to Mail::Box::Parser::Perl::_read_stripped_lines:

--- Perl.pm.orig        2023-08-23 21:57:17.539232700 -0700
+++ Perl.pm     2023-08-23 22:03:11.183477000 -0700
@@ -173,7 +173,13 @@
         }

         if(@$lines && $lines->[-1] =~ s/(\r?\n)\z//)
-        {   pop @$lines if @seps==1 && length($lines->[-1])==0;
+        {   # Don't pop the only line, because
+            # Mail::Message::Body::Multipart::read needs to be able to
+            # distinguish between no preamble (no lines before the first
+            # boundary delimiter) and an empty preamble (one empty line before
+            # the first boundary delimiter) to preserve an empty preamble
+            # and the EOL character that goes between it and the delimiter.
+            pop @$lines if @seps==1 && length($lines->[-1])==0 && @$lines>1;
         }
     }
     else # File without separators.

But please note that I haven't actually tested this fix on your code because we use our own optimized C implementation in Perl XS that mirrors the logic of Mail::Box::Parser::Perl::_read_stripped_lines. Incidentally, you can have our _read_stripped_lines C code if you want it, but it looks like you already have something similar in perl5-Mail-Box-Parser-C/C.xs. (And you might need the same fix there.)

empty_preamble_multipart_test_message.eml.txt
markov2 added a commit that referenced this issue Sep 1, 2023
@markov2
existing preamble should keep at least one empty string, issue #18
beaa643
@markov2
Copy link
Owner

markov2 commented Sep 1, 2023

Accepted.

I have no idea what to change in Mail::Box::Parser::C

@markov2 markov2 added the bug Something isn't working label Sep 1, 2023
markov2 added a commit that referenced this issue Sep 1, 2023
@markov2
add test for issue #18
25b8233
@markov2
Copy link
Owner

markov2 commented Oct 18, 2023

fixed with the release of 3.014

@markov2 markov2 closed this as completed Oct 18, 2023
@gregoa
Copy link

gregoa commented Dec 9, 2023

This commit breaks Mail-Box's testsuite; cf. https://rt.cpan.org/Ticket/Display.html?id=150141

markov2 added a commit that referenced this issue Dec 11, 2023
@markov2
fix counting epilogue trailing blank, issue #18
5c16777
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gregoa @markov2 @jbalazerpfpt