-rw-r--r-- | mail/ChangeLog | 15 | ||||
-rw-r--r-- | mail/em-format-html.c | 23 | ||||
-rw-r--r-- | mail/mail-session.c | 14 |
3 files changed, 45 insertions, 7 deletions
diff --git a/mail/ChangeLog b/mail/ChangeLog
index 16407fb6bc..c5cbc39e5e 100644
--- a/mail/ChangeLog
+++ b/mail/ChangeLog
@@ -1,3 +1,18 @@
+2005-06-25 Not Zed <NotZed@Ximian.com>
+
+ ** See bug #307398
+
+ * mail-session.c (alert_user): copy the prompt string, in 'no
+ cancel' mode we run asynchronously.
+ (free_user_message): & free it.
+
+2005-06-24 Not Zed <NotZed@Ximian.com>
+
+ * em-format-html.c (efh_url_requested): dont pass data gtkhtml
+ definitely can't handle, to gtkhtml. This is no security patch,
+ but stops gtkhtml wasting time tying to render malicious mails or
+ other rubbish.
+
 2005-06-21 Brian Mury <b.mury@ieee.org>
 ** See bug #301466.
diff --git a/mail/em-format-html.c b/mail/em-format-html.c
index d00387ba80..ad26fbacad 100644
--- a/mail/em-format-html.c
+++ b/mail/em-format-html.c
@@ -527,10 +527,25 @@ efh_url_requested(GtkHTML *html, const char *url, GtkHTMLStream *handle, EMForma
 puri = em_format_find_visible_puri((EMFormat *)efh, url);
 if (puri) {
- puri->use_count++;
-
- d(printf(" adding puri job\n"));
- job = em_format_html_job_new(efh, emfh_getpuri, puri);
+ CamelContentType *ct = ((CamelDataWrapper *)puri->part)->mime_type;
+
+ /* GtkHTML only handles text and images.
+ application/octet-stream parts are the only ones
+ which are snooped for other content. So only try
+ to pass these to it - any other types are badly
+ formed or intentionally malicious emails. They
+ will still show as attachments anyway */
+
+ if (ct && (camel_content_type_is(ct, "text", "*")
+ || camel_content_type_is(ct, "image", "*")
+ || camel_content_type_is(ct, "application", "octet-stream"))) {
+ puri->use_count++;
+
+ d(printf(" adding puri job\n"));
+ job = em_format_html_job_new(efh, emfh_getpuri, puri);
+ } else {
+ gtk_html_stream_close(handle, GTK_HTML_STREAM_ERROR);
+ }
 } else if (g_ascii_strncasecmp(url, "http:", 5) == 0 || g_ascii_strncasecmp(url, "https:", 6) == 0) {
 d(printf(" adding job, get %s\n", url));
 job = em_format_html_job_new(efh, emfh_gethttp, g_strdup(url));
diff --git a/mail/mail-session.c b/mail/mail-session.c
index ae971c5817..86961c019f 100644
--- a/mail/mail-session.c
+++ b/mail/mail-session.c
@@ -259,7 +259,7 @@ struct _user_message_msg {
 struct _mail_msg msg;
 CamelSessionAlertType type;
- const char *prompt;
+ char *prompt;
 unsigned int allow_cancel:1;
 unsigned int result:1;
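Review bot: The allow-list in the `if (ct && ...)` test of the em-format-html.c hunk keys on `mime_type` read from the part itself, which is whatever the sender of the message declared, so it limits what GtkHTML is asked to render but is not a content check; the comment should say that in the code, e.g. `/* the type is the sender-declared one: this only limits rendering work, it is not a trust decision */`. `ct` is NULL-checked, but `puri->part` is dereferenced unconditionally through the cast; if a visible puri can exist without a part (not visible here), read it as `puri->part ? ((CamelDataWrapper *)puri->part)->mime_type : NULL`. The rejecting branch closes the stream without any trace, where the accepting branch has `d(printf(...))`; a matching `d(printf(" rejecting puri, unhandled content type\n"));` would make dropped parts visible when debugging a suspicious mail. efh_url_requested starts and ends outside the hunk, so how a NULL `job` is treated after the chain cannot be confirmed from here.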
@@ -346,7 +346,15 @@ do_user_message (struct _mail_msg *mm)
 }
 }
-static struct _mail_msg_op user_message_op = { NULL, do_user_message, NULL, NULL };
+static void
+free_user_message(struct _mail_msg *mm)
+{
+ struct _user_message_msg *m = (struct _user_message_msg *)mm;
+
+ g_free(m->prompt);
+}
+
+static struct _mail_msg_op user_message_op = { NULL, do_user_message, NULL, free_user_message };
 static gboolean
 alert_user(CamelSession *session, CamelSessionAlertType type, const char *prompt, gboolean cancel)
@@ -364,7 +372,7 @@ alert_user(CamelSession *session, CamelSessionAlertType type, const char *prompt
 m = mail_msg_new (&user_message_op, user_message_reply, sizeof (*m));
 m->ismain = pthread_self() == mail_gui_thread;
 m->type = type;
- m->prompt = prompt;
+ m->prompt = g_strdup(prompt);
 m->allow_cancel = cancel;
 if (m->ismain) |
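Review bot: Nothing in the code records that `prompt` is now an owned copy: `alert_user` stores `g_strdup(prompt)` (the @@ -364 hunk) and `free_user_message` releases it, yet the reason exists only in the ChangeLog. A comment on `free_user_message` such as `/* prompt is a private copy made in alert_user(); the caller's string may be gone by the time the asynchronous dialog runs */` would keep a later cleanup from reverting to the borrowed pointer and reintroducing the dangling read. The copy is released only if every path that creates the message, including the synchronous `m->ismain` one, ends in the op's free callback; alert_user continues past the end of the hunk, so that is not visible here and is worth confirming.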