|Subject:||Email::Address takes very long to parse weird strings|
The header contained in the attached file makes Email::Address->parse take very long to complete; our amavisd-new instance kills the subprocess after 8 minutes. Of course, the header is all weird and probably broken, and I don't even expect correct parsing results, but still, this is some DoS attack vector. How to reproduce: $ cat run.pl use Email::Address; undef $/; my $a = <>; $a =~ s/^To: //; print Email::Address->parse($a); $ perl run.pl < to.txt We also have a much shorter (some 100 bytes) header that makes the run time explode that I'll attach as soon I can find it...
Message body is not shown because it is too large.