+ gchar *newtext = NULL;
+
+ /* We have to limit the size of the text. Otherwise Pango
+ could cause freezes trying to render too large texts. This
+ prevents DoS attacks with specially malformed emails */
+ if (g_utf8_validate(text, -1, NULL)) {
+ if (g_utf8_strlen (text, -1) > MODEST_HEADER_VIEW_MAX_TEXT_LENGTH) {
+ /* UTF-8 bytes are 4 bytes length in the worst case */
+ newtext = g_malloc0 (MODEST_HEADER_VIEW_MAX_TEXT_LENGTH * 4);
+ g_utf8_strncpy (newtext, text, MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+ text = newtext;
+ }
+ } else {
+ if (strlen (text) > MODEST_HEADER_VIEW_MAX_TEXT_LENGTH) {
+ newtext = g_malloc0 (MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+ strncpy (newtext, text, MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+ text = newtext;
+ }
+ }