Bug 20938 - tnef breaks with an assertion error
Summary: tnef breaks with an assertion error
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: All Packagers
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on: 21013
Blocks:
  Show dependency treegraph
 
Reported: 2017-05-25 21:50 CEST by Marcel Pol
Modified: 2017-06-05 21:51 CEST (History)
3 users (show)

See Also:
Source RPM: tnef-1.4.9-6
CVE:
Status comment:


Attachments

Description Marcel Pol 2017-05-25 21:50:29 CEST
Description of problem:
tnef breaks with an assertion error:

$ /usr/bin/tnef winmail.dat 
tnef: mapi_attr.c:233: mapi_attr_read: Assertion `(idx+(a->names[i].len*2)) <= len' failed.
Afgebroken (memorydump made)


Version-Release number of selected component (if applicable):
tnef-1.4.9-6.mga6.x86_64.rpm

How reproducible:
Use any winmail.dat from an Outlook user and you will see this error.

Steps to Reproduce:
1.
2.
3.

I compiled tnef 1.4.12 from source and it works now. It might be the new version or the recompile.
Comment 1 Marja Van Waes 2017-05-28 06:57:53 CEST
Assigning to all packagers collectively, since there is no registered maintainer for this package.

CC: (none) => marja11
Assignee: bugsquad => pkg-bugs

Comment 2 David Walser 2017-05-29 05:25:46 CEST
I wonder if just adding the CVE patches in the last update caused this, as opposed to updating to the newest version.  Perhaps we should upgrade to 1.4.14.

CC: (none) => nicolas.salguero

Comment 3 Zombie Ryushu 2017-06-01 22:56:37 CEST
Got another CVE to tack on here.

Package        : tnef
CVE ID         : CVE-2017-8911
Debian Bug     : 862442

It was discovered that tnef, a tool used to unpack MIME attachments of
type "application/ms-tnef", did not correctly validate its input. An
attacker could exploit this by tricking a user into opening a
malicious attachment, which would result in a denial-of-service by
application crash.

CC: (none) => zombie_ryushu

David Walser 2017-06-02 12:13:07 CEST

Depends on: (none) => 21013

Comment 4 Marcel Pol 2017-06-05 21:51:36 CEST
Thank you for the update of today

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.