Bug #51250 [Opn]: iconv_mime_decode() does not ignore malformed Q-encoded words

Fri, 19 Mar 2010 04:31:58 -0700 

Edit report at http://bugs.php.net/bug.php?id=51250&edit=1

 ID:               51250
 User updated by:  tomlove at gmail dot com
 Reported by:      tomlove at gmail dot com
 Summary:          iconv_mime_decode() does not ignore malformed
                   Q-encoded words
 Status:           Open
 Type:             Bug
 Package:          ICONV related
 Operating System: Linux / Windows
 PHP Version:      5.2.13

 New Comment:

Correction - this sentence: "Accordingly, B-encoded encoded-words (as
per RFC 

2047) are silently ignored"  should read  "Accordingly, MALFORMED
B-encoded 

encoded-words are silently ignored"


Previous Comments:
------------------------------------------------------------------------
[2010-03-09 20:49:43] tomlove at gmail dot com

Description:
------------
When calling iconv_mime_decode() with $mode =
ICONV_MIME_DECODE_CONTINUE_ON_ERROR, 

the manual states that "iconv_mime_decode_headers() attempts to ignore
any 

grammatical errors and continue to process a given header."



Accordingly, B-encoded encoded-words (as per RFC 2047) are silently
ignored.



But when using Q (quoted-printable) encoding, encoded-words with illegal


characters (> 127) cause iconv_mime_decode() to return false as if 

ICONV_MIME_DECODE_CONTINUE_ON_ERROR was not specified. 



As such it is not resilient towards malformed headers. 

Test script:
---------------
$m = ICONV_MIME_DECODE_CONTINUE_ON_ERROR;



var_dump(iconv_mime_decode("Legal encoded-word: =?utf-8?B?Kg==?= .",
$m));

var_dump(iconv_mime_decode("Legal encoded-word: =?utf-8?Q?*?= .", $m));

var_dump(iconv_mime_decode("Illegal encoded-word:
=?utf-8?B?".chr(0xA1)."?= .", $m));

var_dump(iconv_mime_decode("Illegal encoded-word:
=?utf-8?Q?".chr(0xA1)."?= .", $m));

Expected result:
----------------
string(23) "Legal encoded-word: * ."

string(23) "Legal encoded-word: * ."

string(24) "Illegal encoded-word:  ."

string(24) "Illegal encoded-word:  ."

Actual result:
--------------
string(23) "Legal encoded-word: * ."

string(23) "Legal encoded-word: * ."

string(24) "Illegal encoded-word:  ."

bool(false)


------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=51250&edit=1

Reply via email to