From: Sergio Villar Senin <svillar@igalia.com>
Date: Tue, 28 Jul 2009 16:08:56 +0000 (+0200)
Subject: Fixes NB#122195, modest becames inaccessible with specially malformed email with... 
X-Git-Tag: 3.0.17-rc26~1
X-Git-Url: http://git.maemo.org/git/?p=modest;a=commitdiff_plain;h=4d4e53bc3b65b7f9d5ce0496b5e79053e731f8c8;hp=63ff29839d53ebc0d2adb48ef3a562f39e71a801

Fixes NB#122195, modest becames inaccessible with specially malformed email with huge subjects
---

diff --git a/src/widgets/modest-header-view-render.c b/src/widgets/modest-header-view-render.c
index a7a242a..d2a6c96 100644
--- a/src/widgets/modest-header-view-render.c
+++ b/src/widgets/modest-header-view-render.c
@@ -48,6 +48,8 @@
 #define SMALL_ICON_SIZE MODEST_ICON_SIZE_SMALL
 #endif
 
+#define MODEST_HEADER_VIEW_MAX_TEXT_LENGTH 128
+
 static const gchar *
 get_status_string (ModestTnySendQueueStatus status)
 {
@@ -127,14 +129,33 @@ set_common_flags (GtkCellRenderer *renderer, TnyHeaderFlags flags)
 }
 
 static void
-set_cell_text (GtkCellRenderer *renderer, 
-	       const gchar *text, 
+set_cell_text (GtkCellRenderer *renderer,
+	       const gchar *text,
 	       TnyHeaderFlags flags)
 {
 	gboolean strikethrough;
 	gboolean bold_is_active_color;
 	GdkColor *color = NULL;
 	PangoWeight weight;
+	gchar *newtext = NULL;
+
+	/* We have to limit the size of the text. Otherwise Pango
+	   could cause freezes trying to render too large texts. This
+	   prevents DoS attacks with specially malformed emails */
+	if (g_utf8_validate(text, -1, NULL)) {
+		if (g_utf8_strlen (text, -1) > MODEST_HEADER_VIEW_MAX_TEXT_LENGTH) {
+			/* UTF-8 bytes are 4 bytes length in the worst case */
+			newtext = g_malloc0 (MODEST_HEADER_VIEW_MAX_TEXT_LENGTH * 4);
+			g_utf8_strncpy (newtext, text, MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+			text = newtext;
+		}
+	} else {
+		if (strlen (text) > MODEST_HEADER_VIEW_MAX_TEXT_LENGTH) {
+			newtext = g_malloc0 (MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+			strncpy (newtext, text, MODEST_HEADER_VIEW_MAX_TEXT_LENGTH);
+			text = newtext;
+		}
+	}
 
 	bold_is_active_color = GPOINTER_TO_INT (g_object_get_data (G_OBJECT (renderer), BOLD_IS_ACTIVE_COLOR));
 	if (bold_is_active_color) {
@@ -165,6 +186,10 @@ set_cell_text (GtkCellRenderer *renderer,
 				      NULL);
 		}
 	}
+
+	if (newtext)
+		g_free (newtext);
+
 	g_object_thaw_notify (G_OBJECT (renderer));
 }