Issue 183

[andreasschulze]

this diff (e8e7b41) is working here since a long time in production.

Now, as I reviewed the diff to create a pull request, I noticed one test does not make sense. So I just applied 9827744.

hope this does not break something

[thegushi]

Thank you for this fix — this is the most complete of the existing PRs addressing #183, and the production testing you mentioned is very reassuring. The combination of bumping both constants and adding NULL guards in the arcseal parser was the right approach.

A few gaps remained that PR #296 addresses:

1. The constant bump here raises OPENDMARC_ARCSEAL_MAX_TOKEN_LEN and OPENDMARC_ARCSEAL_MAX_LONG_VALUE_LEN to 768 bytes, which is enough for RSA 3072-bit keys but would hit the same crash again for RSA 4096-bit (~684 bytes base64) or larger keys. PR Fix ARC header parsing crashes: SIGABRT on malformed tokens and SIGSEGV on large RSA key signatures #296 removes the length cap from strip_whitespace() entirely rather than bumping the number, so the parser handles any key size.

2. The identical issues existed in opendmarc-arcares.c — both the opendmarc_arcares_parse and opendmarc_arcares_arc_parse functions had the same strip_whitespace() length limit and the same missing = crash path. Those were not covered here.

3. The corresponding constants in opendmarc-arcares.h were also still at 512 bytes.

Closing in favour of #296, which addresses all of the above. Thanks again for the contribution and for the long-term production testing — that confidence in the approach was helpful!