Fixes NB#123378, Pango hangs when checking the message details of a malformed message...

diff --git a/src/modest-text-utils.c b/src/modest-text-utils.c
index 7032d07..5b7c0bd 100644 (file)
--- a/src/modest-text-utils.c
+++ b/src/modest-text-utils.c
@@ -2010,16 +2010,35 @@ modest_text_utils_remove_duplicate_addresses_list (GSList *address_list)
 }
 
 gchar *
 }
 
 gchar *

-modest_text_utils_get_secure_header (gchar *value,
+modest_text_utils_get_secure_header (const gchar *value,

                                     const gchar *header)
 {
                                     const gchar *header)
 {

-       gchar *new_value = value;
+       const gint max_len = 128;
+       gchar *new_value = NULL;

        gchar *needle = g_strrstr (value, header);
 
        gchar *needle = g_strrstr (value, header);
 

-       if (needle) {
-               gchar *tmp = value;
+       if (needle && value != needle)

                new_value = g_strdup (needle + strlen (header));
                new_value = g_strdup (needle + strlen (header));

-               g_free (tmp);
+
+       if (!new_value)
+               new_value = g_strdup (value);
+
+       /* Do a max length check to prevent DoS attacks caused by huge
+          malformed headers */
+       if (g_utf8_validate (new_value, -1, NULL)) {
+               if (g_utf8_strlen (new_value, -1) > max_len) {
+                       gchar *tmp = g_malloc0 (max_len * 4);
+                       g_utf8_strncpy (tmp, (const gchar *) new_value, max_len);
+                       g_free (new_value);
+                       new_value = tmp;
+               }
+       } else {
+               if (strlen (new_value) > max_len) {
+                       gchar *tmp = g_malloc0 (max_len);
+                       strncpy (new_value, tmp, max_len);
+                       g_free (new_value);
+                       new_value = tmp;
+               }

        }
 
        return new_value;
        }
 
        return new_value;

diff --git a/src/modest-text-utils.h b/src/modest-text-utils.h
index ecd1c93..7cb5ab5 100644 (file)
--- a/src/modest-text-utils.h
+++ b/src/modest-text-utils.h
@@ -526,6 +526,6 @@ GSList *modest_text_utils_remove_duplicate_addresses_list (GSList *address_list)
  *
  * Returns: returns the secured header
  **/
  *
  * Returns: returns the secured header
  **/

-gchar * modest_text_utils_get_secure_header (gchar *value, const gchar *header);
+gchar * modest_text_utils_get_secure_header (const gchar *value, const gchar *header);

 
 #endif /* __MODEST_TEXT_UTILS_H__ */
 
 #endif /* __MODEST_TEXT_UTILS_H__ */

diff --git a/src/modest-tny-msg.c b/src/modest-tny-msg.c
index 82d257f..90fa27e 100644 (file)
--- a/src/modest-tny-msg.c
+++ b/src/modest-tny-msg.c
@@ -991,12 +991,16 @@ get_new_to (TnyMsg *msg, TnyHeader *header, const gchar* from,
        }
 
        /* Prevent DoS attacks caused by malformed emails */
        }
 
        /* Prevent DoS attacks caused by malformed emails */

-       if (old_from)
-               old_from = modest_text_utils_get_secure_header (old_from,
-                                                               from_header);
-       if (old_reply_to)
-               old_reply_to = modest_text_utils_get_secure_header (old_reply_to,
-                                                                   reply_header);
+       if (old_from) {
+               gchar *tmp = old_from;
+               old_from = modest_text_utils_get_secure_header ((const gchar *) tmp, from_header);
+               g_free (tmp);
+       }
+       if (old_reply_to) {
+               gchar *tmp = old_reply_to;
+               old_reply_to = modest_text_utils_get_secure_header ((const gchar *) tmp, reply_header);
+               g_free (tmp);
+       }

 
        /* for mailing lists, use both Reply-To and From if we did a
         * 'Reply All:'
 
        /* for mailing lists, use both Reply-To and From if we did a
         * 'Reply All:'

@@ -1369,6 +1373,15 @@ modest_tny_msg_header_get_all_recipients_list (TnyHeader *header)
        recipients = modest_text_utils_split_addresses_list (after_remove);
        g_free (after_remove);
 
        recipients = modest_text_utils_split_addresses_list (after_remove);
        g_free (after_remove);
 

+       if (from)
+               g_free (from);
+       if (to)
+               g_free (to);
+       if (cc)
+               g_free (cc);
+       if (bcc)
+               g_free (bcc);
+

        return recipients;
 }
 
        return recipients;
 }
 

diff --git a/src/widgets/modest-details-dialog.c b/src/widgets/modest-details-dialog.c
index 8242c34..30757c2 100644 (file)
--- a/src/widgets/modest-details-dialog.c
+++ b/src/widgets/modest-details-dialog.c
@@ -171,6 +171,7 @@ modest_details_dialog_add_data_default (ModestDetailsDialog *self,
        ModestDetailsDialogPrivate *priv;
        guint n_rows = 0;
        GtkWidget *label_w, *value_w;
        ModestDetailsDialogPrivate *priv;
        guint n_rows = 0;
        GtkWidget *label_w, *value_w;

+       gchar *secure_value;

 
        priv = MODEST_DETAILS_DIALOG_GET_PRIVATE (self);
 
 
        priv = MODEST_DETAILS_DIALOG_GET_PRIVATE (self);
 

@@ -181,12 +182,15 @@ modest_details_dialog_add_data_default (ModestDetailsDialog *self,
        gtk_misc_set_alignment (GTK_MISC (label_w), 1.0, 0.0);
        gtk_label_set_justify (GTK_LABEL (label_w), GTK_JUSTIFY_RIGHT);
 
        gtk_misc_set_alignment (GTK_MISC (label_w), 1.0, 0.0);
        gtk_label_set_justify (GTK_LABEL (label_w), GTK_JUSTIFY_RIGHT);
 

+       /* Create secure value */
+       secure_value = modest_text_utils_get_secure_header (value, "");
+

        /* Create value */
        /* Create value */

-       value_w = gtk_label_new (value);
-       gtk_label_set_line_wrap (GTK_LABEL (value_w), TRUE);
-       gtk_label_set_line_wrap_mode (GTK_LABEL (value_w), PANGO_WRAP_WORD_CHAR);
+       value_w = gtk_label_new (secure_value);
+       gtk_label_set_line_wrap ((GtkLabel *) value_w, TRUE);
+       gtk_label_set_line_wrap_mode ((GtkLabel *) value_w, PANGO_WRAP_WORD_CHAR);

        gtk_misc_set_alignment (GTK_MISC (value_w), 0.0, 0.0);
        gtk_misc_set_alignment (GTK_MISC (value_w), 0.0, 0.0);

-       gtk_label_set_justify (GTK_LABEL (value_w), GTK_JUSTIFY_LEFT);
+       gtk_label_set_justify ((GtkLabel *) value_w, GTK_JUSTIFY_LEFT);

 
        /* Attach label and value */
        gtk_table_attach (GTK_TABLE (priv->props_table), 
 
        /* Attach label and value */
        gtk_table_attach (GTK_TABLE (priv->props_table), 

@@ -201,6 +205,8 @@ modest_details_dialog_add_data_default (ModestDetailsDialog *self,
                          GTK_EXPAND|GTK_FILL, 
                          GTK_SHRINK|GTK_FILL, 
                          0, 0);
                          GTK_EXPAND|GTK_FILL, 
                          GTK_SHRINK|GTK_FILL, 
                          0, 0);

+
+       g_free (secure_value);

 }
 
 static void 
 }
 
 static void