#define SMALL_ICON_SIZE MODEST_ICON_SIZE_SMALL
#endif
+#define MODEST_HEADER_VIEW_MAX_TEXT_LENGTH 128
+
static const gchar *
get_status_string (ModestTnySendQueueStatus status)
{
}
static void
-set_cell_text (GtkCellRenderer *renderer,
- const gchar *text,
+set_cell_text (GtkCellRenderer *renderer,
+ const gchar *text,
TnyHeaderFlags flags)
{
gboolean strikethrough;
gboolean bold_is_active_color;
GdkColor *color = NULL;
PangoWeight weight;
+ gchar *newtext = NULL;
+
+ /* We have to limit the size of the text. Otherwise Pango
+ could cause freezes trying to render too large texts. This
+ prevents DoS attacks with specially malformed emails */
+ if (g_utf8_validate(text, -1, NULL)) {
+ if (g_utf8_strlen (text, -1) > MODEST_HEADER_VIEW_MAX_TEXT_LENGTH) {
+ /* UTF-8 bytes are 4 bytes length in the worst case */
+ newtext = g_malloc0 (MODEST_HEADER_VIEW_MAX_TEXT_LENGTH * 4);
+ g_utf8_strncpy (newtext, text, MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+ text = newtext;
+ }
+ } else {
+ if (strlen (text) > MODEST_HEADER_VIEW_MAX_TEXT_LENGTH) {
+ newtext = g_malloc0 (MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+ strncpy (newtext, text, MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+ text = newtext;
+ }
+ }
bold_is_active_color = GPOINTER_TO_INT (g_object_get_data (G_OBJECT (renderer), BOLD_IS_ACTIVE_COLOR));
if (bold_is_active_color) {
NULL);
}
}
+
+ if (newtext)
+ g_free (newtext);
+
g_object_thaw_notify (G_OBJECT (renderer));
}
{
TnyHeaderFlags flags = 0;
gchar *recipients = NULL, *addresses;
- GSList *recipient_list;
gchar *subject = NULL;
time_t date;
GtkCellRenderer *recipient_cell, *date_or_status_cell, *subject_cell,
g_free (subject);
/* Show the list of senders/recipients */
- addresses = NULL;
- recipient_list = modest_text_utils_split_addresses_list (recipients);
- if (recipient_list) {
- GString *add_string = g_string_sized_new (strlen (recipients));
- GSList *iter = recipient_list;
- gboolean first = TRUE;
-
- while (iter) {
- /* Strings are changed in place */
- modest_text_utils_get_display_address ((gchar *) iter->data);
- if (G_UNLIKELY (first)) {
- g_string_append_printf (add_string, "%s", (gchar *) iter->data);
- first = FALSE;
- } else {
- g_string_append_printf (add_string, ", %s", (gchar *) iter->data);
- }
- iter = g_slist_next (iter);
- }
- g_slist_foreach (recipient_list, (GFunc) g_free, NULL);
- g_slist_free (recipient_list);
- addresses = g_string_free (add_string, FALSE);
- }
-
+ addresses = modest_text_utils_get_display_addresses ((const gchar *) recipients);
set_cell_text (recipient_cell, (addresses) ? addresses : _("mail_va_no_to"), flags);
g_free (addresses);
g_free (recipients);
projects / modest / blobdiff