Date: Mon, 5 Jun 2000 11:56:27 -0700 (PDT) From: agifford@infowest.com To: freebsd-gnats-submit@FreeBSD.org Subject: misc/19038: The qpopper port accepts empty X-UIDL: headers in some cases, making retrieving email impossible in some cases Message-ID: <20000605185627.A3E0937B7BD@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 19038
>Category: misc
>Synopsis: The qpopper port accepts empty X-UIDL: headers in some cases, making retrieving email impossible in some cases
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 05 12:00:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Aaron Gifford
>Release: FreeBSD 4.0-STABLE
>Organization:
>Environment:
FreeBSD jardan.infowest.com 4.0-STABLE FreeBSD 4.0-STABLE #0: Mon Jun 5 08:24:54 MDT 2000 adg@jardan.infowest.com:/usr/src/sys/compile/JARDAN.INFOWEST.COM i386
>Description:
There's a bug in the current version of qpopper in the ports collection such that an email message containing a header "X-UIDL: " with ONLY the header name followed by a single space can cause a mailbox to be unreadable by some clients (Microsoft Outlook in particular) because client then chokes on the output of the XUIDL POP command.
>How-To-Repeat:
Hand edit a mailbox file and add an X-UIDL: header that ONLY includes the header name followed by a single white space (or send yourself such a message), then connect to the qpopper port, issue the USER <user> and PASS <pass> command, then send the UIDL command. Notice that when it lists the message with the faulty header, you see something like this (assuming the bad header is part of message #25):
...
24 e9939c998575720193ef864e906609ee
25
26 064976f286d27c205936a1d8ab8d832a
27 c7ba3d53f66c62b4a3bc5bb8f6c1e4a4
...
At least one email client is known to choke at this point (MS Outlook) and abort the POP session (there are most likely many more). I discovered it when a coworker's email client (Outlook) started freaking out so he couldn't retrieve his email.
>Fix:
The fix is simple. Edit the patched ports version of pop_dropcopy.c and delete the following line (line 757):
} else if (!strncasecmp("X-UIDL:", buffer, 7)) {
if (!uidl_found) {
int len;
char *cp;
uidl_found++; <<<<<DELETE THIS LINE RIGHT HERE (line 757)<<<<
/* Skip over header */
cp = &buffer[7];
while (*cp && (*cp == ' ' || *cp == '\t')) cp++;
if( (len = strlen(cp)) > MIN_UIDL_LENGTH && len < MAX_UIDL_LENGTH ) {
uidl_found++;
That one line change will force qpopper to generate a new X-UIDL: header when the X-UIDL: header is empty. I strongly suspect that this is a case where someone editing things just forgot to delete that line while adding functionality. In other cases, the code correctly checks for an X-UIDL: header whose length is > MIN_UIDL_LENGTH and < MAX_UIDL_LENGTH. This single case (zero length after the header and single space) slips through.
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000605185627.A3E0937B7BD>