Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes: > After some discussion with amdragon on IRC, i believe that this is only > relevant to notmuch when actively decrypting a message -- OpenPGP's > ability to embed compression makes it possible to write a PGP/MIME > message that is a quine: that is, when decompressed, it would expand to > itself, which would send our parser into an infinite loop. > > Since we're not decrypting during indexing, only notmuch-show and > notmuch-reply are probably affected by this problem. (but if someone > implements indexing of encrypted messages, then we'd have to worry about > this in the indexer as well) This is indeed our current situation. > The simple and generalized solution would be to limit the recursive > depth of our walk of the MIME tree; probably a large limit of something > like 30 or 50 would not trigger any real-world problems, and would halt > a runaway recursion well before most modern machines ran out of > resources. So do I understand correctly that to test this proposed fix, we would not need to generate a MIME-quine (which sounds challenging) but just a very deep MIME tree? _______________________________________________ notmuch mailing list -- notmuch@notmuchmail.org To unsubscribe send an email to notmuch-leave@notmuchmail.org