[evolution-patches] idea for speeding up some spams/broken mails



certain virus/spam mails drop binary data in an iframe - gtkhtml tries
to render it, and it takes a long time.

This patch short-cuts broken mails and doesn't try to dump anything
other than content gtkhtml can handle when it asks for it, the content
will just show as a normal attachment instead.

So it is a performance patch for a certain class of broken messages.

It may cause otherwise broken emails that currently 'render correctly'
to not.  Tough luck I think.

 Michael

Index: mail/ChangeLog
===================================================================
RCS file: /cvs/gnome/evolution/mail/ChangeLog,v
retrieving revision 1.3647
diff -u -p -r1.3647 ChangeLog
--- mail/ChangeLog	21 Jun 2005 05:33:47 -0000	1.3647
+++ mail/ChangeLog	24 Jun 2005 08:49:30 -0000
@@ -1,3 +1,10 @@
+2005-06-24  Not Zed  <NotZed Ximian com>
+
+	* em-format-html.c (efh_url_requested): dont pass data gtkhtml
+	definitely can't handle, to gtkhtml.  This is no security patch,
+	but stops gtkhtml wasting time tying to render malicious mails or
+	other rubbish.
+
 2005-06-21 Brian Mury <b mury ieee org>
 
 	** See bug #301466.
Index: mail/em-format-html.c
===================================================================
RCS file: /cvs/gnome/evolution/mail/em-format-html.c,v
retrieving revision 1.78
diff -u -p -r1.78 em-format-html.c
--- mail/em-format-html.c	19 May 2005 06:06:35 -0000	1.78
+++ mail/em-format-html.c	24 Jun 2005 08:49:31 -0000
@@ -527,10 +527,25 @@ efh_url_requested(GtkHTML *html, const c
 
 	puri = em_format_find_visible_puri((EMFormat *)efh, url);
 	if (puri) {
-		puri->use_count++;
+		CamelContentType *ct = ((CamelDataWrapper *)puri->part)->mime_type;
 
-		d(printf(" adding puri job\n"));
-		job = em_format_html_job_new(efh, emfh_getpuri, puri);
+		/* GtkHTML only handles text and images.
+		   application/octet-stream parts are the only ones
+		   which are snooped for other content.  So only try
+		   to pass these to it - any other types are badly
+		   formed or intentionally malicious emails.  They
+		   will still show as attachments anyway */
+
+		if (ct && (camel_content_type_is(ct, "text", "*")
+			   || camel_content_type_is(ct, "image", "*")
+			   || camel_content_type_is(ct, "application", "octet-stream"))) {
+			puri->use_count++;
+
+			d(printf(" adding puri job\n"));
+			job = em_format_html_job_new(efh, emfh_getpuri, puri);
+		} else {
+			gtk_html_stream_close(handle, GTK_HTML_STREAM_ERROR);
+		}
 	} else if (g_ascii_strncasecmp(url, "http:", 5) == 0 || g_ascii_strncasecmp(url, "https:", 6) == 0) {
 		d(printf(" adding job, get %s\n", url));
 		job = em_format_html_job_new(efh, emfh_gethttp, g_strdup(url));


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]