our $MAXPARTS = 1000; # same as SpamAssassin
our $MAXDEPTH = 20; # seems enough, Perl sucks, here
our $MAXBOUNDLEN = 2048; # same as postfix
+our $header_size_limit = 102400; # same as postfix
my %MIME_ENC = (qp => \&enc_qp, base64 => \&encode_base64);
my %MIME_DEC = (qp => \&dec_qp, base64 => \&decode_base64);
/ismx
}
+sub hdr_truncate ($) {
+ my $len = length($_[0]);
+ substr($_[0], $header_size_limit, $len) = '';
+ my $end = rindex($_[0], "\n");
+ if ($end >= 0) {
+ ++$end;
+ substr($_[0], $end, $len) = '';
+ warn "header of $len bytes truncated to $end bytes\n";
+ } else {
+ $_[0] = '';
+ warn <<EOF
+header of $len bytes without `\\n' within $header_size_limit ignored
+EOF
+ }
+}
+
# compatible with our uses of Email::MIME
sub new {
my $ref = ref($_[1]) ? $_[1] : \(my $cpy = $_[1]);
# likely on *nix
my $hdr = substr($$ref, 0, $pos + 2, ''); # sv_chop on $$ref
chop($hdr); # lower SvCUR
+ hdr_truncate($hdr) if length($hdr) > $header_size_limit;
bless { hdr => \$hdr, crlf => "\n", bdy => $ref }, __PACKAGE__;
} elsif ($$ref =~ /\r?\n(\r?\n)/s) {
my $hdr = substr($$ref, 0, $+[0], ''); # sv_chop on $$ref
substr($hdr, -(length($1))) = ''; # lower SvCUR
+ hdr_truncate($hdr) if length($hdr) > $header_size_limit;
bless { hdr => \$hdr, crlf => $1, bdy => $ref }, __PACKAGE__;
} elsif ($$ref =~ /^[a-z0-9-]+[ \t]*:/ims && $$ref =~ /(\r?\n)\z/s) {
# body is optional :P
- bless { hdr => \($$ref), crlf => $1 }, __PACKAGE__;
+ my $hdr = substr($$ref, 0, $header_size_limit + 1);
+ hdr_truncate($hdr) if length($hdr) > $header_size_limit;
+ bless { hdr => \$hdr, crlf => $1 }, __PACKAGE__;
} else { # nothing useful
my $hdr = $$ref = '';
bless { hdr => \$hdr, crlf => "\n" }, __PACKAGE__;
'final "\n" preserved on missing epilogue');
}
+if ('header_size_limit stolen from postfix') {
+ local $PublicInbox::Eml::header_size_limit = 4;
+ my @w;
+ local $SIG{__WARN__} = sub { push @w, @_ };
+ my $eml = PublicInbox::Eml->new("a:b\na:d\n\nzz");
+ is_deeply([$eml->header('a')], ['b'], 'no overrun header');
+ is($eml->body_raw, 'zz', 'body not damaged');
+ is($eml->header_obj->as_string, "a:b\n", 'header truncated');
+ is(grep(/truncated/, @w), 1, 'truncation warned');
+
+ $eml = PublicInbox::Eml->new("a:b\na:d\n");
+ is_deeply([$eml->header('a')], ['b'], 'no overrun header w/o body');
+
+ local $PublicInbox::Eml::header_size_limit = 5;
+ $eml = PublicInbox::Eml->new("a:b\r\na:d\r\n\nzz");
+ is_deeply([$eml->header('a')], ['b'], 'no overrun header on CRLF');
+ is($eml->body_raw, 'zz', 'body not damaged');
+
+ @w = ();
+ $eml = PublicInbox::Eml->new("too:long\n");
+ $eml = PublicInbox::Eml->new("too:long\n\n");
+ $eml = PublicInbox::Eml->new("too:long\r\n\r\n");
+ is(grep(/ignored/, @w), 3, 'ignored header warned');
+}
+
if ('maxparts is a feature unique to us') {
my $eml = eml_load 't/psgi_attach.eml';
my @orig;