** See bug #307398

2005-06-25  Not Zed  <NotZed@Ximian.com>

        ** See bug #307398

        * mail-session.c (alert_user): copy the prompt string, in 'no
        cancel' mode we run asynchronously.
        (free_user_message): & free it.

2005-06-24  Not Zed  <NotZed@Ximian.com>

        * em-format-html.c (efh_url_requested): dont pass data gtkhtml
        definitely can't handle, to gtkhtml.  This is no security patch,
        but stops gtkhtml wasting time tying to render malicious mails or
        other rubbish.

svn path=/trunk/; revision=29582

1 files changed, 19 insertions, 4 deletions

diff --git a/mail/em-format-html.c b/mail/em-format-html.c
index d00387ba80..ad26fbacad 100644
--- a/mail/em-format-html.c
+++ b/mail/em-format-html.c
@@ -527,10 +527,25 @@ efh_url_requested(GtkHTML *html, const char *url, GtkHTMLStream *handle, EMForma
 
 	puri = em_format_find_visible_puri((EMFormat *)efh, url);
 	if (puri) {
-		puri->use_count++;
-
-		d(printf(" adding puri job\n"));
-		job = em_format_html_job_new(efh, emfh_getpuri, puri);
+		CamelContentType *ct = ((CamelDataWrapper *)puri->part)->mime_type;
+
+		/* GtkHTML only handles text and images.
+		   application/octet-stream parts are the only ones
+		   which are snooped for other content.  So only try
+		   to pass these to it - any other types are badly
+		   formed or intentionally malicious emails.  They
+		   will still show as attachments anyway */
+
+		if (ct && (camel_content_type_is(ct, "text", "*")
+			   || camel_content_type_is(ct, "image", "*")
+			   || camel_content_type_is(ct, "application", "octet-stream"))) {
+			puri->use_count++;
+
+			d(printf(" adding puri job\n"));
+			job = em_format_html_job_new(efh, emfh_getpuri, puri);
+		} else {
+			gtk_html_stream_close(handle, GTK_HTML_STREAM_ERROR);
+		}
 	} else if (g_ascii_strncasecmp(url, "http:", 5) == 0 || g_ascii_strncasecmp(url, "https:", 6) == 0) {
 		d(printf(" adding job, get %s\n", url));
 		job = em_format_html_job_new(efh, emfh_gethttp, g_strdup(url));