return retval;
}
+
+/* Performs a case-insensitive strstr for ASCII strings */
+static const gchar *
+ascii_stristr(const gchar *haystack, const gchar *needle)
+{
+ int needle_len;
+ int haystack_len;
+ const gchar *pos;
+ const gchar *max_pos;
+
+ if (haystack == NULL || needle == NULL) {
+ return haystack; /* as in strstr */
+ }
+
+ needle_len = strlen(needle);
+
+ if (needle_len == 0) {
+ return haystack; /* as in strstr */
+ }
+
+ haystack_len = strlen(haystack);
+ max_pos = haystack + haystack_len - needle_len;
+
+ for (pos = haystack; pos <= max_pos; pos++) {
+ if (g_ascii_strncasecmp (pos, needle, needle_len) == 0) {
+ return pos;
+ }
+ }
+
+ return NULL;
+}
+
+
gchar*
modest_text_utils_remove_address (const gchar *address_list, const gchar *address)
{
gchar *email_address;
g_return_val_if_fail (address_list, NULL);
-
+
if (!address)
return g_strdup (address_list);
email_address = get_email_from_address (address);
-
+
/* search for substring */
- if (!strstr ((const char *) address_list, (const char *) email_address)) {
+ if (!ascii_stristr ((const char *) address_list, (const char *) email_address)) {
g_free (email_address);
return g_strdup (address_list);
}
dup = g_strdup (address_list);
filtered_emails = g_string_new (NULL);
-
+
token = strtok_r (dup, ",", &ptr);
while (token != NULL) {
/* Add to list if not found */
- if (!strstr ((const char *) token, (const char *) email_address)) {
+ if (!ascii_stristr ((const char *) token, (const char *) email_address)) {
if (filtered_emails->len == 0)
g_string_append_printf (filtered_emails, "%s", g_strstrip (token));
else
guchar kar = data[i];
if (space_seen && kar != ' ') {
- g_string_append (html, " ");
+ g_string_append (html, " ");
space_seen = FALSE;
}
break_dist = 0;
if (space_seen) { /* second space in a row */
g_string_append (html, " ");
- space_seen = FALSE;
} else
space_seen = TRUE;
break;
g_string_prepend (l, remaining->str);
} else {
do {
+ gunichar remaining_first;
breakpoint =
get_breakpoint (remaining->str,
rem_indent,
remaining, breakpoint);
g_string_erase (remaining, 0,
breakpoint);
- if (remaining->str[0] == ' ') {
- g_string_erase (remaining, 0,
- 1);
+ remaining_first = g_utf8_get_char_validated (remaining->str, remaining->len);
+ if (remaining_first != ((gunichar) -1)) {
+ if (g_unichar_isspace (remaining_first)) {
+ g_string_erase (remaining, 0, g_utf8_next_char (remaining->str) - remaining->str);
+ }
}
} while (remaining->len);
}
const gchar *address = (const gchar *) node->data;
gchar *left_limit, *right_limit;
- if (address && strstr(address, "undisclosed-recipients"))
- continue;
-
left_limit = strstr (address, "<");
right_limit = g_strrstr (address, ">");
return new_list;
}
+
+gchar *
+modest_text_utils_get_secure_header (const gchar *value,
+ const gchar *header)
+{
+ const gint max_len = 128;
+ gchar *new_value = NULL;
+ gchar *needle = g_strrstr (value, header);
+
+ if (needle && value != needle)
+ new_value = g_strdup (needle + strlen (header));
+
+ if (!new_value)
+ new_value = g_strdup (value);
+
+ /* Do a max length check to prevent DoS attacks caused by huge
+ malformed headers */
+ if (g_utf8_validate (new_value, -1, NULL)) {
+ if (g_utf8_strlen (new_value, -1) > max_len) {
+ gchar *tmp = g_malloc0 (max_len * 4);
+ g_utf8_strncpy (tmp, (const gchar *) new_value, max_len);
+ g_free (new_value);
+ new_value = tmp;
+ }
+ } else {
+ if (strlen (new_value) > max_len) {
+ gchar *tmp = g_malloc0 (max_len);
+ strncpy (new_value, tmp, max_len);
+ g_free (new_value);
+ new_value = tmp;
+ }
+ }
+
+ return new_value;
+}