ContentDisposition Parser .NET Framework Bug

The .NET System.Net.MIME classes are rubbish. They don’t help you parse an incoming email and they have (at least one) serious bug. ContentDisposition doesn’t respect RFC 822, which is almost pre-historic in Internet terms. See the bug reports on Microsoft Connect: 339010 – ContentDisposition doesn’t respect RFC 822 (Section 5) (requires a login).

Using the rather splendid http://referencesource.microsoft.com/Default.aspx I was able to quickly configure Visual Studio 2008 SP1 to go get the PDBs for the .NET framework and then download the source as required – very cool!

I found the offending code in the .NET library (as other’s before me also had):

// MailBnfHelper.cs line 823:

static int ReadDateNumber(string data, ref int offset, int maxSize)
{
    int res = 0;
    int maxLength = offset + maxSize;
    
    if (offset >= data.Length)
        throw new FormatException(SR.GetString(SR.MailDateInvalidFormat));
    
    for (; offset < data.Length && offset < maxLength; offset++)
    {
        if (data[offset] < '0' || data[offset] > '9')
            break;
        res = (res * 10) + (data[offset] - '0');
    }

    if(res == 0)
        throw new FormatException(SR.GetString(SR.MailDateInvalidFormat));
    
    return res;
}

The biggest problem is this:

if(res == 0)

    throw new FormatException(SR.GetString(SR.MailDateInvalidFormat));

This procedure is used to read time components and Timezone. Any value which is 0 will throw an exception. This means any time where the hours, minutes or seconds are zero, and all mail from the +0000 timezone.

There’s another bug with the timezones as they can be alpha, e.g. GMT, and they fail too.

This is a weak area of the framework and it simply validates the use of 3rd party mail products that actually work.

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s