Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[2.14]: Fix: Fold long lines during SMTP communication #140

Merged
merged 16 commits into from
Mar 17, 2021

Conversation

glensc
Copy link
Contributor

@glensc glensc commented Feb 27, 2021

Q A
Documentation no
Bugfix yes
BC Break no
New Feature no
RFC no
QA yes

Description

It seems, the underlying problem of the bug is that currently, the loop reads up to 1000 bytes, and if the input is longer than that, then everything over 1000 bytes will appear as the next line in mail headers, resulting in corruption. And depending on MTA, such corruption is treated as the end of headers input or adds another mail header.

Updates #138 by @vladsf with the solution described in #138 (comment) and adds unit test.

@glensc glensc changed the title Fold long lines following RFC 5322 section-2.2.3 Fold long lines during smtp communication in Protocol\Smtp class Feb 27, 2021
@glensc glensc changed the title Fold long lines during smtp communication in Protocol\Smtp class [2.14]: Fold long lines during smtp communication in Protocol\Smtp class Feb 27, 2021
@glensc glensc force-pushed the long_header_fields-v2 branch from 21ff841 to 2acf481 Compare February 27, 2021 12:51
src/Protocol/Smtp.php Outdated Show resolved Hide resolved
src/Protocol/Smtp.php Outdated Show resolved Hide resolved
test/Transport/SmtpTest.php Outdated Show resolved Hide resolved
src/Protocol/Smtp.php Outdated Show resolved Hide resolved
@glensc glensc force-pushed the long_header_fields-v2 branch 2 times, most recently from e80773f to e88b6f6 Compare February 27, 2021 22:31
@glensc
Copy link
Contributor Author

glensc commented Feb 27, 2021

I would move $chunkReader function to a new class (preferred) or to this class method. But really need some guidance from The Maintainers.

@glensc glensc force-pushed the long_header_fields-v2 branch from 9a04d14 to cccf126 Compare February 27, 2021 22:40
@vladsf
Copy link
Contributor

vladsf commented Feb 28, 2021

I honestly believe that too much PHP force has been used :)

@vladsf
Copy link
Contributor

vladsf commented Feb 28, 2021

I would move $chunkReader function to a new class (preferred) or to this class method. But really need some guidance from The Maintainers.

That was an impressive technique :) Wouldn't be simpler to move "escaping, rtrim'ing and folding" a line into a function?

@glensc
Copy link
Contributor Author

glensc commented Feb 28, 2021

That was an impressive technique :) Wouldn't be simpler to move "escaping, rtrim'ing and folding" a line into a function?

what do you mean by "simpler", simpler to whom? to what? i offered to move the generator to class method, but not doing 'jus for that', as maybe maintainers accept it as is now.

also, I would be against putting three different logics to the same code block, it would make code more difficult to understand and follow the code flow. currently, it's distinct, reading and unfolding in one place, the rest in the other loop. the code gets smelly if they all done in the same loop (as you can see from commit history). need multiple state variables that are unrelated to each other but used in the same loop.

@glensc glensc force-pushed the long_header_fields-v2 branch from c09daa0 to 837a417 Compare February 28, 2021 10:38
@vladsf
Copy link
Contributor

vladsf commented Feb 28, 2021

what do you mean by "simpler", simpler to whom? to what? i offered to move the generator to class method, but not doing 'jus for that', as maybe maintainers accept it as is now.

For the maintainers to review the PR.

@glensc
Copy link
Contributor Author

glensc commented Feb 28, 2021

what do you mean by "simpler", simpler to whom? to what? I offered to move the generator to class method, but not doing 'jus for that', as maybe maintainers accept it as is now.

For the maintainers to review the PR.

In the end, the resulting code is simpler, and only the aggregated diff is messy, but individual commit diffs are okay.

@glensc
Copy link
Contributor Author

glensc commented Feb 28, 2021

Created reproducer of the bug I discovered that prevented of making more reasonable tests:

Wanted to test like this:

        $raw = substr($data, strpos($data, "DATA\r\n") + 6);

        $message = new StorageMessage(['raw' => $raw]);
        $headers = $message->getHeaders()->toArray();
        $this->assertEquals($bufferSizeHeaderValue, $headers['X-Exact-Length']);
        $this->assertEquals($headerValue, $headers['X-Ms-Exchange-Antispam-Messagedata']);

That's what I get when captured SMTP from this PR. It does look correct, so it's a bug in parsing of this library/

@glensc glensc changed the title [2.14]: Fold long lines during smtp communication in Protocol\Smtp class [2.14]: Fix: Fold long lines during smtp communication in Protocol\Smtp class Feb 28, 2021
@glensc glensc changed the title [2.14]: Fix: Fold long lines during smtp communication in Protocol\Smtp class [2.14]: Fix: Fold long lines during SMTP communication in Protocol\Smtp class Feb 28, 2021
@glensc glensc changed the title [2.14]: Fix: Fold long lines during SMTP communication in Protocol\Smtp class [2.14]: Fix: Fold long lines during SMTP communication Feb 28, 2021
@glensc glensc marked this pull request as ready for review February 28, 2021 20:55
@glensc glensc force-pushed the long_header_fields-v2 branch 3 times, most recently from 5459b48 to ea01167 Compare March 5, 2021 07:09
@glensc glensc changed the base branch from 2.14.x to 2.13.x March 5, 2021 07:10
@glensc glensc changed the title [2.14]: Fix: Fold long lines during SMTP communication [2.13]: Fix: Fold long lines during SMTP communication Mar 5, 2021
@glensc glensc changed the base branch from 2.13.x to 2.14.x March 5, 2021 07:11
@glensc glensc changed the title [2.13]: Fix: Fold long lines during SMTP communication [2.14]: Fix: Fold long lines during SMTP communication Mar 5, 2021
vladsf and others added 16 commits March 15, 2021 12:16
To deal with the 998/78 character limitations per line,
long lines can be split into a multiple-line representation
separated by CRLF + WSP; this is called "folding".
Correct folding is particularly important for long header fields.

Signed-off-by: Vlad Safronov <[email protected]>
This isolates the logic of handling incomplete reads to own unit.

Signed-off-by: Elan Ruusamäe <[email protected]>
As the buffer max size is known, can check last byte with isset

Signed-off-by: Elan Ruusamäe <[email protected]>
he method has no state, so therefore declared static.
Ideally this should be a standalone class, perhaps in laminas-stdlib.

Signed-off-by: Elan Ruusamäe <[email protected]>
@glensc glensc force-pushed the long_header_fields-v2 branch from e2aa574 to 74f4242 Compare March 15, 2021 10:16
@glensc
Copy link
Contributor Author

glensc commented Mar 15, 2021

@Slamdunk made a fresh rebase against upstream/2.14.x, perhaps it's better to review knowing it's up to date with the base branch.

@Slamdunk
Copy link
Contributor

Thank you @glensc, I'm going to squash this PR to reduce git-blame and git-bisect verbosity

@Slamdunk Slamdunk merged commit 542686a into laminas:2.14.x Mar 17, 2021
@glensc
Copy link
Contributor Author

glensc commented Mar 17, 2021

@Slamdunk perhaps you should have asked first from authors for permission to squash!

This PR has waited for two weeks+ being idle! If this was an issue, should have said it in that time period!

I (try to) follow the atomic commits principle:

As I see it, you made the opposite: more difficult to git blame/bisect with squashing. And losing commit author information is not very friendly either.

@glensc
Copy link
Contributor Author

glensc commented Mar 17, 2021

Update: seems this got merged without squashing, at least the 542686a merge commit. So far so good.

@glensc glensc deleted the long_header_fields-v2 branch March 17, 2021 15:25
@glensc
Copy link
Contributor Author

glensc commented Mar 17, 2021

@Slamdunk thank you for the 2.14.0 release!

@glensc
Copy link
Contributor Author

glensc commented Mar 17, 2021

Seems the release automation can't handle that PR had multiple contributors:

140: [2.14]: Fix: Fold long lines during SMTP communication thanks to @glensc

it actually replaced #138 by @vladsf yet there's no credit about that.

artemii-karkusha pushed a commit to artemii-karkusha/laminas-mail that referenced this pull request May 24, 2023
[2.14]: Fix: Fold long lines during SMTP communication
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants