From 9d497689996baa8eea2d0c6e7ddd9551fea9331a Mon Sep 17 00:00:00 2001 From: David Shaw Date: Sun, 13 Nov 2005 21:48:52 +0000 Subject: [PATCH] * armor.c (parse_header_line): A fussy bit of 2440: header lines are delimited with a colon-space pair. Therefore a line such as "Comment: " is actually legal, albeit not particularly useful. --- g10/ChangeLog | 6 ++++++ g10/armor.c | 22 ++++++++++++++++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 4e456a19a..3a653ade1 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,9 @@ +2005-11-13 David Shaw + + * armor.c (parse_header_line): A fussy bit of 2440: header lines + are delimited with a colon-space pair. Therefore a line such as + "Comment: " is actually legal, albeit not particularly useful. + 2005-11-11 David Shaw * trustdb.h, trustdb.c (clean_key): New function to handle key diff --git a/g10/armor.c b/g10/armor.c index c61aacbdd..24c1ee88c 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -339,16 +339,30 @@ parse_header_line( armor_filter_context_t *afx, byte *line, unsigned int len ) afx->buffer_pos = len2; /* (it is not the fine way to do it here) */ return 0; /* WS only: same as empty line */ } - len = len2; - line[len2] = 0; + + /* + This is fussy. The spec says that a header line is delimited + with a colon-space pair. This means that a line such as + "Comment: " (with nothing else) is actually legal as an empty + string comment. However, email and cut-and-paste being what it + is, that trailing space may go away. Therefore, we accept empty + headers delimited with only a colon. --rfc2440, as always, + makes this strict and enforces the colon-space pair. -dms + */ p = strchr( line, ':'); - if( !p || !p[1] ) { + if( !p || (RFC2440 && p[1]!=' ') + || (!RFC2440 && p[1]!=' ' && p[1]!='\n' && p[1]!='\r')) + { log_error(_("invalid armor header: ")); print_string( stderr, line, len, 0 ); putc('\n', stderr); return -1; - } + } + + /* Chop off the whitespace we detected before */ + len=len2; + line[len2]='\0'; if( opt.verbose ) { log_info(_("armor header: "));