Hi notmuch folks-- On oss-security recently, there was a discussion about recursive compression and the ability to create infinite loops.
id:20131010013106.ga29...@openwall.com After some discussion with amdragon on IRC, i believe that this is only relevant to notmuch when actively decrypting a message -- OpenPGP's ability to embed compression makes it possible to write a PGP/MIME message that is a quine: that is, when decompressed, it would expand to itself, which would send our parser into an infinite loop. Since we're not decrypting during indexing, only notmuch-show and notmuch-reply are probably affected by this problem. (but if someone implements indexing of encrypted messages, then we'd have to worry about this in the indexer as well) The simple and generalized solution would be to limit the recursive depth of our walk of the MIME tree; probably a large limit of something like 30 or 50 would not trigger any real-world problems, and would halt a runaway recursion well before most modern machines ran out of resources. A more targeted fix might be to just limit the number of recursive decryptions that happen, since the MIME spec does not appear to be capable of permitting other parts to provide both compression and nesting, which is the root of the problem. However, it's possible that our MIME parsing ends up being more permissive than the specs, and is willing to try to interpret (for example) a gzip-compressed multipart/* or message/* part. So the simple/generalized solution is probably the right way to go. Sorry i don't have time to implement the fix myself right now, but i wanted to make sure the active coders in the project are aware of the issue. Regards, --dkg references: http://mumble.net/~campbell/blag.txt (see 2013-10-08) http://www.openwall.com/lists/oss-security/2013/10/10/2
Description: PGP signature
_______________________________________________ notmuch mailing list email@example.com http://notmuchmail.org/mailman/listinfo/notmuch