aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--mail/ChangeLog15
-rw-r--r--mail/em-format-html.c23
-rw-r--r--mail/mail-session.c14
3 files changed, 45 insertions, 7 deletions
diff --git a/mail/ChangeLog b/mail/ChangeLog
index 16407fb6bc..c5cbc39e5e 100644
--- a/mail/ChangeLog
+++ b/mail/ChangeLog
@@ -1,3 +1,18 @@
+2005-06-25 Not Zed <NotZed@Ximian.com>
+
+ ** See bug #307398
+
+ * mail-session.c (alert_user): copy the prompt string, in 'no
+ cancel' mode we run asynchronously.
+ (free_user_message): & free it.
+
+2005-06-24 Not Zed <NotZed@Ximian.com>
+
+ * em-format-html.c (efh_url_requested): dont pass data gtkhtml
+ definitely can't handle, to gtkhtml. This is no security patch,
+ but stops gtkhtml wasting time tying to render malicious mails or
+ other rubbish.
+
2005-06-21 Brian Mury <b.mury@ieee.org>
** See bug #301466.
diff --git a/mail/em-format-html.c b/mail/em-format-html.c
index d00387ba80..ad26fbacad 100644
--- a/mail/em-format-html.c
+++ b/mail/em-format-html.c
@@ -527,10 +527,25 @@ efh_url_requested(GtkHTML *html, const char *url, GtkHTMLStream *handle, EMForma
puri = em_format_find_visible_puri((EMFormat *)efh, url);
if (puri) {
- puri->use_count++;
-
- d(printf(" adding puri job\n"));
- job = em_format_html_job_new(efh, emfh_getpuri, puri);
+ CamelContentType *ct = ((CamelDataWrapper *)puri->part)->mime_type;
+
+ /* GtkHTML only handles text and images.
+ application/octet-stream parts are the only ones
+ which are snooped for other content. So only try
+ to pass these to it - any other types are badly
+ formed or intentionally malicious emails. They
+ will still show as attachments anyway */
+
+ if (ct && (camel_content_type_is(ct, "text", "*")
+ || camel_content_type_is(ct, "image", "*")
+ || camel_content_type_is(ct, "application", "octet-stream"))) {
+ puri->use_count++;
+
+ d(printf(" adding puri job\n"));
+ job = em_format_html_job_new(efh, emfh_getpuri, puri);
+ } else {
+ gtk_html_stream_close(handle, GTK_HTML_STREAM_ERROR);
+ }
} else if (g_ascii_strncasecmp(url, "http:", 5) == 0 || g_ascii_strncasecmp(url, "https:", 6) == 0) {
d(printf(" adding job, get %s\n", url));
job = em_format_html_job_new(efh, emfh_gethttp, g_strdup(url));
diff --git a/mail/mail-session.c b/mail/mail-session.c
index ae971c5817..86961c019f 100644
--- a/mail/mail-session.c
+++ b/mail/mail-session.c
@@ -259,7 +259,7 @@ struct _user_message_msg {
struct _mail_msg msg;
CamelSessionAlertType type;
- const char *prompt;
+ char *prompt;
unsigned int allow_cancel:1;
unsigned int result:1;
@@ -346,7 +346,15 @@ do_user_message (struct _mail_msg *mm)
}
}
-static struct _mail_msg_op user_message_op = { NULL, do_user_message, NULL, NULL };
+static void
+free_user_message(struct _mail_msg *mm)
+{
+ struct _user_message_msg *m = (struct _user_message_msg *)mm;
+
+ g_free(m->prompt);
+}
+
+static struct _mail_msg_op user_message_op = { NULL, do_user_message, NULL, free_user_message };
static gboolean
alert_user(CamelSession *session, CamelSessionAlertType type, const char *prompt, gboolean cancel)
@@ -364,7 +372,7 @@ alert_user(CamelSession *session, CamelSessionAlertType type, const char *prompt
m = mail_msg_new (&user_message_op, user_message_reply, sizeof (*m));
m->ismain = pthread_self() == mail_gui_thread;
m->type = type;
- m->prompt = prompt;
+ m->prompt = g_strdup(prompt);
m->allow_cancel = cancel;
if (m->ismain)