Closed Bug 1718533 Opened 1 year ago Closed 1 year ago

Thunderbird doesn't render email (blank) if MIME boundary contains apostrophe character

Categories

(MailNews Core :: Security: OpenPGP, defect)

defect

Tracking

(thunderbird_esr78 affected, thunderbird91 fixed)

RESOLVED FIXED
91 Branch
Tracking Status
thunderbird_esr78 --- affected
thunderbird91 --- fixed

People

(Reporter: KaiE, Assigned: infofrommozilla)

Details

Attachments

(3 files)

If the MIME boundary of a received email contains an apostrophe character (') then Thunderbird fails to display the email contents. Instead, it shows blank space.

According to this answer https://stackoverflow.com/questions/4656287/what-rules-apply-to-mime-boundary
the ' character is allowed in the boundary.

this message fails to render

almost the same message as before, just with the apostrophe removed from the boundary, this message renders

The implementation for parsing the boundary line is in nsIMIMEHeaderParam::getParameterInternal (mozilla/firefox core code).
Changing component.

Component: MIME → Networking
Product: MailNews Core → Core

CC'ing Alfred and Julian who worked on related code in the past.

This looks fishy:
https://searchfox.org/comm-central/rev/2211115031808fb4a39e56ee26ec2df93e6bf3b3/mail/extensions/openpgp/content/modules/mimeVerify.jsm#208
this.boundary = hdr.boundary.replace(/['"]/g, "");

I guess this is to remove apostrophes when they are misused as quotation marks. But it also removes them inside the boundary.

Proof: If I remove the apostrophes only in the body, the mail is displayed correctly.

This is a smarter version:
https://searchfox.org/comm-central/rev/2211115031808fb4a39e56ee26ec2df93e6bf3b3/mail/extensions/openpgp/content/modules/fixExchangeMsg.jsm#245
r.boundary = r.boundary.replace(/^(['"])(.*)(['"])/, "$2");


See also:
https://searchfox.org/comm-central/rev/2211115031808fb4a39e56ee26ec2df93e6bf3b3/mail/extensions/openpgp/content/modules/mimeEncrypt.jsm#658

(In reply to Kai Engert (:KaiE:) from comment #1)

According to this answer https://stackoverflow.com/questions/4656287/what-rules-apply-to-mime-boundary
the ' character is allowed in the boundary.

The original reference:
https://www.rfc-editor.org/rfc/rfc2046#section-5.1.1 -> Page 21

(In reply to Alfred Peters from comment #6)

This is a smarter version:
https://searchfox.org/comm-central/rev/2211115031808fb4a39e56ee26ec2df93e6bf3b3/mail/extensions/openpgp/content/modules/fixExchangeMsg.jsm#245
r.boundary = r.boundary.replace(/^(['"])(.*)(['"])/, "$2");

I have changed all three occurrences so:
.replace(/^(['"])(.*)(\1)$/, "$2");

Only tested with the debuger from the Developer Toolbox. So a trybuild would be useful.

Assignee: nobody → infofrommozilla
Attachment #9229209 - Flags: review?(kaie)

Alfred, thanks a lot for finding this code. I didn't expect the OpenPGP code to modify the boundary.

Also I didn't know that it's possible to use the \1 reference expression inside the search string of a regular expression!
That's very useful to know.

I've tested your patch with the original message I've received, and it fixes it correctly.
Thanks for your patch!

Attachment #9229209 - Flags: review?(kaie) → review+
Component: Networking → Security: OpenPGP
Product: Core → MailNews Core

Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/3806ed03b53b
When the MIME boundary is sanitized, leave apostrophes inside alone r=kaie

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → 91 Branch

This bug has a target milestone of 91 so I'm setting the status-thunderbird91 flag to fixed.

You need to log in before you can comment on or make changes to this bug.