From 8dbe9bba8ef8f12b0ce90042a5b6a1e20fe781bf Mon Sep 17 00:00:00 2001
From: Vladimir Dronnikov <dronnikov@gmail.com>
Date: Sat, 17 Oct 2009 03:35:10 +0200
Subject: sendmail: fix for long headers (by Vladimir)

Signed-off-by: Vladimir Dronnikov <dronnikov@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 mailutils/sendmail.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'mailutils/sendmail.c')

diff --git a/mailutils/sendmail.c b/mailutils/sendmail.c
index a216d66c1..2f99df6c0 100644
--- a/mailutils/sendmail.c
+++ b/mailutils/sendmail.c
@@ -229,10 +229,15 @@ int sendmail_main(int argc UNUSED_PARAM, char **argv)
 			rcptto(sane_address(s+5));
 			free(s);
 			// N.B. Bcc: vanishes from headers!
+
 		// other headers go verbatim
-		// N.B. we allow MAX_HEADERS generic headers at most to prevent attacks
-		} else if (strchr(s, ':')) {
+
+		// N.B. RFC2822 2.2.3 "Long Header Fields" allows for headers to occupy several lines.
+		// Continuation is denoted by prefixing additional lines with whitespace(s).
+		// Thanks (stefan.seyfried at googlemail.com) for pointing this out.
+		} else if (strchr(s, ':') || (list && skip_whitespace(s) != s)) {
  addheader:
+			// N.B. we allow MAX_HEADERS generic headers at most to prevent attacks
 			if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
 				goto bail;
 			llist_add_to_end(&list, s);
-- 
cgit v1.2.3