https://bugs.kde.org/show_bug.cgi?id=519598
Volker Krause <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED Latest Commit| |https://invent.kde.org/fram | |eworks/kmime/-/commit/c637e | |f87aea176c46475f351e77ceecb | |5d549276 --- Comment #2 from Volker Krause <[email protected]> --- Git commit c637ef87aea176c46475f351e77ceecb5d549276 by Volker Krause. Committed on 15/05/2026 at 13:15. Pushed by vkrause into branch 'master'. Limit parsing depth As we often process Content trees recursively, here and in consumer code, so we don't want an unbound tree depth. That's also not something that occurs in real use, but could be triggered by specially crafted input data. While doing that we have to ensure that this doesn't trip up consumer code in other ways though, particularly Content::bodyIsMessage() returning true still needs to imply that Content::bodyAsMessage() does not return a nullptr. A +147 -0 autotests/data/bug519598-attachment.mbox A +77 -0 autotests/data/bug519598-encapsulated-message.mbox M +31 -0 autotests/messagetest.cpp M +1 -0 autotests/messagetest.h M +25 -4 src/content.cpp M +8 -2 src/content.h M +3 -0 src/content_p.h https://invent.kde.org/frameworks/kmime/-/commit/c637ef87aea176c46475f351e77ceecb5d549276 -- You are receiving this mail because: You are watching all bug changes.
