Closed danc86 closed 2 years ago
Turns out spammers are not very good at following standards. The code for handling UTF-7 added in commit 9b4d42a2 would crash like this:
--- Encoding::UndefinedConversionError from thread: poll after loading inbox "\xE2" from ASCII-8BIT to UTF-8 /home/dan/sup/lib/sup/rfc2047.rb:58:in `encode' /home/dan/sup/lib/sup/rfc2047.rb:58:in `block in decode_to' /home/dan/sup/lib/sup/rfc2047.rb:31:in `gsub' /home/dan/sup/lib/sup/rfc2047.rb:31:in `decode_to' /home/dan/sup/lib/sup/message.rb:77:in `decode_header_field' /home/dan/sup/lib/sup/message.rb:81:in `block in parse_header' /home/dan/sup/lib/sup/util.rb:648:in `[]' /home/dan/sup/lib/sup/message.rb:117:in `parse_header' /home/dan/sup/lib/sup/message.rb:270:in `load_from_source!' [...]
when given an RFC2047-encoded word which claims to be UTF-7 but contains high bytes, as in a spam subject line I recently received.
Turns out spammers are not very good at following standards. The code for handling UTF-7 added in commit 9b4d42a2 would crash like this:
when given an RFC2047-encoded word which claims to be UTF-7 but contains high bytes, as in a spam subject line I recently received.