[evolution] Bug #657374 - mailto: attachment parameter can lead to accidental data exfiltration

[Vibha Yadav <yvibha src gnome org>]

commit 1544ad3a69ff1f19993eb7081f2ed09f9d12fc3a
Author: Vibha Yadav <yvibha novell com>
Date:   Thu Sep 15 18:03:53 2011 +0530

    Bug #657374 - mailto: attachment parameter can lead to accidental data exfiltration
    
    Through warning on attaching Hidden/security files by mailto command.

 composer/e-msg-composer.c |   30 ++++++++++++++++++++++++++++++
 mail/mail.error.xml       |    5 +++++
 2 files changed, 35 insertions(+), 0 deletions(-)
---
diff --git a/composer/e-msg-composer.c b/composer/e-msg-composer.c
index c41c401..0eaf3ca 100644
--- a/composer/e-msg-composer.c
+++ b/composer/e-msg-composer.c
@@ -128,6 +128,8 @@ static void	handle_multipart_signed		(EMsgComposer *composer,
 
 static void	e_msg_composer_alert_sink_init	(EAlertSinkInterface *interface);
 
+gboolean 	check_blacklisted_file		(gchar *filename);
+
 G_DEFINE_TYPE_WITH_CODE (
 	EMsgComposer,
 	e_msg_composer,
@@ -4003,6 +4005,28 @@ merge_always_cc_and_bcc (EComposerHeaderTable *table,
 	e_destination_freev (addrv);
 }
 
+static const gchar *blacklisted_files [] = {".", "etc", ".."};
+
+gboolean check_blacklisted_file (gchar *filename)
+{
+	gboolean blacklisted = FALSE;
+	gint i,j,len;
+	gchar **filename_part;
+
+	filename_part = g_strsplit (filename, G_DIR_SEPARATOR_S, -1);
+	len = g_strv_length(filename_part);
+	for(i = 0; !blacklisted && i < G_N_ELEMENTS(blacklisted_files); i++)
+	{
+		for (j = 0; !blacklisted && j < len;j++)
+			if (g_str_has_prefix (filename_part[j], blacklisted_files[i]))
+				blacklisted = TRUE;
+	}
+
+	g_strfreev(filename_part);
+	
+	return blacklisted;
+}
+
 static void
 handle_mailto (EMsgComposer *composer,
                const gchar *mailto)
@@ -4094,8 +4118,14 @@ handle_mailto (EMsgComposer *composer,
 			} else if (!g_ascii_strcasecmp (header, "attach") ||
 				   !g_ascii_strcasecmp (header, "attachment")) {
 				EAttachment *attachment;
+				gboolean check = FALSE;
 
 				camel_url_decode (content);
+				check = check_blacklisted_file(content);
+				if(check)
+					e_alert_submit (
+		                        	E_ALERT_SINK (composer),
+                			        "mail:blacklisted-file", content, NULL);
 				if (g_ascii_strncasecmp (content, "file:", 5) == 0)
 					attachment = e_attachment_new_for_uri (content);
 				else
diff --git a/mail/mail.error.xml b/mail/mail.error.xml
index f32b4ce..006cc55 100644
--- a/mail/mail.error.xml
+++ b/mail/mail.error.xml
@@ -540,5 +540,10 @@ An mbox account will be created to preserve the old mbox folders. You can delete
     <_secondary>The reported error was &quot;{0}&quot;.</_secondary>
   </error>
 
+  <error id="blacklisted-file" type="warning">
+    <_primary>Hidden file is attached.</_primary>
+    <_secondary xml:space="preserve">The attachment named {0} is a hidden file and may contain sensitive data. Please review it before sending.</_secondary>
+  </error>
+
 </error-list>