Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 5336

Summary: Pine consumes all memory in specially-crafted e-mail.
Product: [Retired] Red Hat Linux Reporter: greerga
Component: pineAssignee: Mike A. Harris <mharris>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
URL: http://www.m-l.org/~greerga/pine.ack
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-15 16:08:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description greerga 1999-09-23 18:37:00 UTC
I wouldn't call the above URL crafted in any special way
as it was a bounced SPAM mail to the postmaster, but I
believe it could, in theory, be done.

Basically Pine consumed 300 MB of memory upon viewing this
message.  It increases slowly and seems to be due to the
HTML rendering code.  I've sent this to the PINE maintainers
but haven't had a reply.  The only way out is to have
another console kill it.

Comment 1 Bernhard Rosenkraenzer 2000-02-15 16:08:59 UTC
This is fixed in pine 4.21.