/ 
Encode-1.98
River stage five • 1199 direct dependents • 35337 total dependents
/ Encode::MIME::Header
Security Advisories (3)
CVE-2016-1238 (2016-07-27)

Loading optional modules from . (current directory).

CVE-2021-36770 (2021-07-17)

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.

CVE-2011-2939 (2012-01-13)

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.

NAME

Encode::MIME::Header -- MIME 'B' and 'Q' header encoding

SYNOPSIS

use Encode qw/encode decode/; 
$utf8   = decode('MIME-Header', $header);
$header = encode('MIME-Header', $utf8);

ABSTRACT

This module implements RFC 2047 Mime Header Encoding. There are 3 variant encoding names; MIME-Header, MIME-B and MIME-Q. The difference is described below

            decode()          encode()
----------------------------------------------
MIME-Header Both B and Q      =?UTF-8?B?....?=
MIME-B      B only; Q croaks  =?UTF-8?B?....?=
MIME-Q      Q only; B croaks  =?UTF-8?Q?....?=

DESCRIPTION

When you decode(=?encoding?X?ENCODED WORD?=), ENCODED WORD is extracted and decoded for X encoding (B for Base64, Q for Quoted-Printable). Then the decoded chunk is fed to decode(encoding). So long as encoding is supported by Encode, any source encoding is fine.

When you encode, it just encodes UTF-8 string with X encoding then quoted with =?UTF-8?X?....?= . The parts that RFC 2047 forbids to encode are left as is and long lines are folded within 76 bytes per line.

BUGS

It would be nice to support encoding to non-UTF8, such as =?ISO-2022-JP? and =?ISO-8859-1?= but that makes the implementation too complicated. These days major mail agents all support =?UTF-8? so I think it is just good enough.

SEE ALSO

Encode

RFC 2047, http://www.faqs.org/rfcs/rfc2047.html and many other locations.