james-mime4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jesse Long <...@unknown.za.net>
Subject Re: Incorrect line length limitation while parsing headers
Date Wed, 12 Jan 2011 08:40:22 GMT
Hi All,

With regards to the bug - Just changing the wording of the exception is 
not really sufficient. Yes, it will now correctly describe the error, 
but my problem persists. I have a, say, 2300 byte header - I cannot 
parse it. I understand that we must protect against arbitrarily long 
headers, like a 50Mb header, but surely we must also allow a header that 
spans multiple lines. The whole point of header folding is to allow 
headers longer that 1000 chars. So, we must make the header size limit 
greater than 1000 chars. Maybe 10000 chars is an acceptable default 
header size limit?

I had a look at trunk, and the code has change somewhat. I cant tell 
quickly if the code in trunk is using the 1000 char limit for header 
size or not.

My request: please perform a release on the 0.6 branch (0.6.2) that 
allows me to parse headers in excess of 1000 chars when using code like:

Message m = new Message(inputStream);

Thanks,
Jesse

On 11/01/2011 10:24, Stefano Bagnara wrote:
> Hi,
>
> in trunk we changed the exception to "max header length exception": as
> we use a single buffer to store a whole header (even if it is folded
> in 100 lines) we need to protect from memory usage using such limit.
> We just released 0.6.1, not sure if we will release 0.6.2 or wait for
> 0.7. In case we will backport the change from trunk and change the
> exception description instead of changing the logic.
>
> Please file an issue at http://issues.apache.org/jira/browse/MIME4J
>
> Stefano
>
> 2011/1/11 Jesse Long<jesse@virtualpostman.co.za>:
>> Hi,
>>
>> Please see the following code in mime4j 0.6:
>>
>> http://james.apache.org/mime4j/xref/org/apache/james/mime4j/parser/AbstractEntity.html#133
>>
>> The for loop checks for excess line length in headers based on the complete
>> length of the header, not on each individual line in the header.
>>
>> So, my header like this:
>>
>> X-Header-Name:<980 chars><CRLF>
>> <20 chars><CRLF>
>> <25 chars><CRLF>
>>
>> fails, because the complete length of the header is>  1000, however, no line
>> in the mime message is longer than 1000 chars...
>>
>> I suggest just removing the check for excess line length in the
>> fillFieldBuffer() method.
>>
>> Cheers,
>> Jesse
>>


Mime
View raw message