Closed Bug 187828 Opened 22 years ago Closed 21 years ago

E-mails with embedded NULL bytes break messenger

Categories

(MailNews Core :: Backend, defect)

Product:
MailNews Core
Component:
Backend
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 223062

People

(Reporter: david, Assigned: sspitzer)

Details

If you attempt to read an email that contains a 0x00 byte within the body, Mozilla can no longer read any emails in that folder. You must either change to a new folder and back, or go offline/online. As well, any pending changes such as marking messages deleted are lost. Method of reproduction: Edit any sample email and embed a NULL byte anywhere in the body. In my case my printer sends me emails with a 0x00 at the end of the message.
Confirm with Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130. I've the same problem while reading my IMAP-folders. After opening email containing NULL-byte, controlling the folder is impossible and reading any other message is not possible.
I had this problem as well when accessing a pop3 folder on my wife's machine running Mozilla/5.0 under Windows XP. The NUL's occured at the end of the email following an enclosure.
FWIW, this bug just got a little publicity, because Outlook has a similar bug, but it horks Outlook entirely. Reassigning to current owner/QA.
Assignee: mscott → sspitzer
AFAIK, this bug was fixed in CVS some time ago. I need to investigate. There are actually several bugs on this problem.
This bug now appeared on Bugtraq (Securityfocus) http://securityfocus.com/bid/10145
please reopen if you disagree. also please update the issue indicating versions which aren't affected. thanks. *** This bug has been marked as a duplicate of 223062 ***
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Erm, is this bug about having NULL bytes locally in a mbox file, or remote on a POP3/IMAP4 server?
Product: MailNews → Core
(In reply to comment #5) > This bug now appeared on Bugtraq (Securityfocus) http://securityfocus.com/bid/10145 In May 2005, it is still 'unpatched' according to SecurityFocus, the latest affected version is Suite 1.5. Can anyone of Security Team inform to mailto:vuldb [at] securityfocus.com the recent situation?
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.