for (node = addresses; node != NULL; node = g_slist_next (node)) {
const gchar *address = (const gchar *) node->data;
gchar *left_limit, *right_limit;
+
left_limit = strstr (address, "<");
right_limit = g_strrstr (address, ">");
return new_list;
}
+
+gchar *
+modest_text_utils_get_secure_header (const gchar *value,
+ const gchar *header)
+{
+ const gint max_len = 128;
+ gchar *new_value = NULL;
+ gchar *needle = g_strrstr (value, header);
+
+ if (needle && value != needle)
+ new_value = g_strdup (needle + strlen (header));
+
+ if (!new_value)
+ new_value = g_strdup (value);
+
+ /* Do a max length check to prevent DoS attacks caused by huge
+ malformed headers */
+ if (g_utf8_validate (new_value, -1, NULL)) {
+ if (g_utf8_strlen (new_value, -1) > max_len) {
+ gchar *tmp = g_malloc0 (max_len * 4);
+ g_utf8_strncpy (tmp, (const gchar *) new_value, max_len);
+ g_free (new_value);
+ new_value = tmp;
+ }
+ } else {
+ if (strlen (new_value) > max_len) {
+ gchar *tmp = g_malloc0 (max_len);
+ strncpy (new_value, tmp, max_len);
+ g_free (new_value);
+ new_value = tmp;
+ }
+ }
+
+ return new_value;
+}
projects / modest / blobdiff