evolution-data-server r8656 - trunk/camel

[fejj svn gnome org]

Author: fejj
Date: Thu Apr 17 19:18:08 2008
New Revision: 8656
URL: http://svn.gnome.org/viewvc/evolution-data-server?rev=8656&view=rev

Log:
2008-04-17  Jeffrey Stedfast  <fejj novell com>

	* camel-mime-filter-pgp.c (filter_run): Properly handle CRLF
	line-endings and fixed the logic so that we could never read
	beyond the end of the buffer. Also fixed the "blank line end of
	headers" case which only allowed a single whitespace character.



Modified:
   trunk/camel/ChangeLog
   trunk/camel/camel-mime-filter-pgp.c

Modified: trunk/camel/camel-mime-filter-pgp.c
==============================================================================
--- trunk/camel/camel-mime-filter-pgp.c	(original)
+++ trunk/camel/camel-mime-filter-pgp.c	Thu Apr 17 19:18:08 2008
@@ -79,6 +79,10 @@
 #define BEGIN_PGP_SIGNATURE      "-----BEGIN PGP SIGNATURE-----"
 #define END_PGP_SIGNATURE        "-----END PGP SIGNATURE-----"
 
+#define BEGIN_PGP_SIGNED_MESSAGE_LEN (sizeof (BEGIN_PGP_SIGNED_MESSAGE) - 1)
+#define BEGIN_PGP_SIGNATURE_LEN      (sizeof (BEGIN_PGP_SIGNATURE) - 1)
+#define END_PGP_SIGNATURE_LEN        (sizeof (END_PGP_SIGNATURE) - 1)
+
 static void
 filter_run(CamelMimeFilter *f, char *in, size_t len, size_t prespace, char **out, size_t *outlen, size_t *outprespace, int last)
 {
@@ -86,18 +90,24 @@
 	const char *start, *inend = in + len;
 	register const char *inptr = in;
 	register char *o;
-
+	gboolean blank;
+	size_t len;
+	
 	/* only need as much space as the input, we're stripping chars */
 	camel_mime_filter_set_size (f, len, FALSE);
-
+	
 	o = f->outbuf;
-
+	
 	while (inptr < inend) {
 		start = inptr;
-
-		while (inptr < inend && *inptr != '\n')
+		
+		blank = TRUE;
+		while (inptr < inend && *inptr != '\n') {
+			if (blank && !strchr (" \t\r", *inptr))
+				blank = FALSE;
 			inptr++;
-
+		}
+		
 		if (inptr == inend) {
 			if (!last) {
 				camel_mime_filter_backup (f, start, inend - start);
@@ -105,49 +115,53 @@
 			}
 			break;
 		}
-
+		
+		len = inptr - start;
+		if (len > 0 && inptr[-1] == '\r')
+			len--;
+		
 		inptr++;
-
+		
 		switch (pgp->state) {
 		case PGP_PREFACE:
 			/* check for the beginning of the pgp block */
-			if (!strncmp (start, BEGIN_PGP_SIGNED_MESSAGE, sizeof (BEGIN_PGP_SIGNED_MESSAGE) - 1)) {
+			if (len == BEGIN_PGP_SIGNED_MESSAGE_LEN && !strncmp (start, BEGIN_PGP_SIGNED_MESSAGE, len)) {
 				pgp->state++;
 				break;
 			}
-
+			
 			memcpy (o, start, inptr - start);
 			o += (inptr - start);
 			break;
 		case PGP_HEADER:
 			/* pgp headers (Hash: SHA1, etc) end with a blank (zero-length,
 			   or containing only whitespace) line; see RFC2440 */
-			if ((inptr - start) == 1 || ((inptr - start) == 2 && *(inptr - 2) == 0x20))
+			if (blank)
 				pgp->state++;
 			break;
 		case PGP_MESSAGE:
 			/* check for beginning of the pgp signature block */
-			if (!strncmp (start, BEGIN_PGP_SIGNATURE, sizeof (BEGIN_PGP_SIGNATURE) - 1)) {
+			if (len == BEGIN_PGP_SIGNATURE_LEN && !strncmp (start, BEGIN_PGP_SIGNATURE, len)) {
 				pgp->state++;
 				break;
 			}
-
+			
 			/* do dash decoding */
 			if (!strncmp (start, "- ", 2)) {
 				/* Dash encoded line found, skip encoding */
 				start += 2;
 			}
-
+			
 			memcpy (o, start, inptr - start);
 			o += (inptr - start);
 			break;
 		case PGP_FOOTER:
-			if (!strncmp (start, END_PGP_SIGNATURE, sizeof (END_PGP_SIGNATURE) - 1))
+			if (len == END_PGP_SIGNATURE_LEN && !strncmp (start, END_PGP_SIGNATURE, len))
 				pgp->state = PGP_PREFACE;
 			break;
 		}
 	}
-
+	
 	*out = f->outbuf;
 	*outlen = o - f->outbuf;
 	*outprespace = f->outpre;