[evolution] Be more strict in inline PGP mime filter/part parser



commit 9468fc2f6b7f2c689dc35f7617b4a91d1bb04993
Author: Milan Crha <mcrha redhat com>
Date:   Thu Jan 10 20:29:50 2013 +0100

    Be more strict in inline PGP mime filter/part parser

 em-format/e-mail-inline-filter.c              |   38 ++++++++++++++++++++++--
 em-format/e-mail-parser-inlinepgp-encrypted.c |    5 +++
 em-format/e-mail-parser-inlinepgp-signed.c    |    5 +++
 3 files changed, 44 insertions(+), 4 deletions(-)
---
diff --git a/em-format/e-mail-inline-filter.c b/em-format/e-mail-inline-filter.c
index 1cd6781..8f31409 100644
--- a/em-format/e-mail-inline-filter.c
+++ b/em-format/e-mail-inline-filter.c
@@ -199,6 +199,32 @@ inline_filter_add_part (EMailInlineFilter *emif,
 	emif->parts = g_slist_append (emif->parts, part);
 }
 
+static gboolean
+newline_or_whitespace_follows (const gchar *str,
+			       guint len,
+			       guint skip_first)
+{
+	if (len <= skip_first)
+		return len == skip_first;
+
+	str += skip_first;
+	len -= skip_first;
+
+	while (len > 0 && *str != '\n') {
+		if (!*str)
+			return TRUE;
+
+		
+		if (!camel_mime_is_lwsp (*str))
+			return FALSE;
+
+		len--;
+		str++;
+	}
+
+	return len == 0 || *str == '\n';
+}
+
 static gint
 inline_filter_scan (CamelMimeFilter *f,
                     gchar *in,
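Review bot: newline_or_whitespace_follows has no comment stating its contract, and it accepts three different things as the end of the marker line: a '\n', a NUL byte, and running out of `len`. The NUL case presumably relies on inline_filter_scan temporarily NUL-terminating the current line (the `restore_inptr ()` calls in the later hunks suggest this), but that code is outside the hunk, so it is worth stating above the function, e.g. `/* TRUE when only linear whitespace follows str[skip_first] up to '\n', a NUL, or the end of the len bytes */`. If the buffer can end in the middle of a line, the `len == 0` exit accepts a marker whose remainder has not been seen yet, so confirm the caller only hands over complete lines. The whitespace-only line before the `camel_mime_is_lwsp` test can be dropped.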
@@ -247,12 +273,14 @@ inline_filter_scan (CamelMimeFilter *f,
 				inline_filter_add_part (emif, data_start, start - data_start);
 				data_start = start;
 				emif->state = EMIF_POSTSCRIPT;
-			} else if (rest_len >= 34 && strncmp (start, "-----BEGIN PGP SIGNED MESSAGE-----", 34) == 0) {
+			} else if (rest_len >= 34 && strncmp (start, "-----BEGIN PGP SIGNED MESSAGE-----", 34) == 0 &&
+				   newline_or_whitespace_follows (start, rest_len, 34)) {
 				restore_inptr ();
 				inline_filter_add_part (emif, data_start, start - data_start);
 				data_start = start;
 				emif->state = EMIF_PGPSIGNED;
-			} else if (rest_len >= 27 && strncmp (start, "-----BEGIN PGP MESSAGE-----", 27) == 0) {
+			} else if (rest_len >= 27 && strncmp (start, "-----BEGIN PGP MESSAGE-----", 27) == 0 &&
+				   newline_or_whitespace_follows (start, rest_len, 27)) {
 				restore_inptr ();
 				inline_filter_add_part (emif, data_start, start - data_start);
 				data_start = start;
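Review bot: Each marker's length is now written three times per condition (`rest_len >= 34`, the `strncmp` count and the `skip_first` argument), here and in the END PGP SIGNATURE and END PGP MESSAGE hunks below, so a marker edit that misses one of them would compare or skip the wrong number of bytes without any warning. Deriving the length from the literal keeps them in step, e.g. `#define marker_at(m) (rest_len >= strlen (m) && strncmp (start, (m), strlen (m)) == 0 && newline_or_whitespace_follows (start, rest_len, strlen (m)))`. inline_filter_scan starts and ends outside this hunk.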
@@ -279,7 +307,8 @@ inline_filter_scan (CamelMimeFilter *f,
 			}
 			break;
 		case EMIF_PGPSIGNED:
-			if (rest_len >= 27 && strncmp (start, "-----END PGP SIGNATURE-----", 27) == 0) {
+			if (rest_len >= 27 && strncmp (start, "-----END PGP SIGNATURE-----", 27) == 0 &&
+			    newline_or_whitespace_follows (start, rest_len, 27)) {
 				restore_inptr ();
 				inline_filter_add_part (emif, data_start, inptr - data_start);
 				data_start = inptr;
@@ -288,7 +317,8 @@ inline_filter_scan (CamelMimeFilter *f,
 			}
 			break;
 		case EMIF_PGPENCRYPTED:
-			if (rest_len >= 25 && strncmp (start, "-----END PGP MESSAGE-----", 25) == 0) {
+			if (rest_len >= 25 && strncmp (start, "-----END PGP MESSAGE-----", 25) == 0 &&
+			    newline_or_whitespace_follows (start, rest_len, 25)) {
 				restore_inptr ();
 				inline_filter_add_part (emif, data_start, inptr - data_start);
 				data_start = inptr;
diff --git a/em-format/e-mail-parser-inlinepgp-encrypted.c b/em-format/e-mail-parser-inlinepgp-encrypted.c
index 885f915..624452c 100644
--- a/em-format/e-mail-parser-inlinepgp-encrypted.c
+++ b/em-format/e-mail-parser-inlinepgp-encrypted.c
@@ -61,6 +61,11 @@ empe_inlinepgp_encrypted_parse (EMailParserExtension *extension,
 	GList *head, *link;
 	GError *local_error = NULL;
 
+	if (g_cancellable_is_cancelled (cancellable) ||
+	    /* avoid recursion */
+	    (part_id->str && part_id->len > 20 && g_str_has_suffix (part_id->str, ".inlinepgp_encrypted")))
+ 		return FALSE;
+
 	cipher = camel_gpg_context_new (e_mail_parser_get_session (parser));
 
 	opart = camel_mime_part_new ();
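Review bot: The recursion guard looks only at the last component of `part_id`, so it stops this parser from re-entering directly on its own output but, as far as the hunk shows, not a chain that alternates with the signed parser (whose matching guard is in e-mail-parser-inlinepgp-signed.c below); whether that is reachable depends on how part ids are built outside the hunk. The `/* avoid recursion */` comment would help more if it said what is being detected, e.g. `/* a part_id already ending in ".inlinepgp_encrypted" was produced by this parser */` (to be confirmed against the code that appends the suffix). The literals 20 and 17 restate the suffix lengths and could be `strlen (".inlinepgp_encrypted")` and `strlen (".inlinepgp_signed")`, and both `return FALSE;` lines are indented with a space before the tabs. empe_inlinepgp_encrypted_parse continues outside the hunk.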
diff --git a/em-format/e-mail-parser-inlinepgp-signed.c b/em-format/e-mail-parser-inlinepgp-signed.c
index 2b11d6e..fb65e5c 100644
--- a/em-format/e-mail-parser-inlinepgp-signed.c
+++ b/em-format/e-mail-parser-inlinepgp-signed.c
@@ -66,6 +66,11 @@ empe_inlinepgp_signed_parse (EMailParserExtension *extension,
 	GError *local_error = NULL;
 	GByteArray *ba;
 
+	if (g_cancellable_is_cancelled (cancellable) ||
+	    /* avoid recursion */
+	    (part_id->str && part_id->len > 17 && g_str_has_suffix (part_id->str, ".inlinepgp_signed")))
+ 		return FALSE;
+
 	cipher = camel_gpg_context_new (e_mail_parser_get_session (parser));
 
 	/* Verify the signature of the message */


