On Tue, 2004-12-14 at 22:04, Nigel Horne wrote:
> I've been thinking long and hard about this.
>
> The original code was correct, and the exploit is wrong.
>
> The sentence from RFC1521 (now RFC2045) that was quoted originally
> needs to be read in the context of the entire paragraph.
>
> So in
Nigel,
> should decode as
> foo bar xyzzy plugh
> NOT
> foo barxyzzy plugh
Yes, that's my interpretation too. The "exploit" aspect of the whole
debate came from the characters /after/ the
terminating '=' being used to poison the decoded attachment.
Regards.
--
PLDaniels - Software -
I've been thinking long and hard about this.
The original code was correct, and the exploit is wrong.
The sentence from RFC1521 (now RFC2045) that was quoted originally
needs to be read in the context of the entire paragraph.
So in this example
foo bar =
xyzzy plugh=
should decode as
foo bar x
