From: Sergio Villar Senin
Date: Wed, 29 Jul 2009 10:31:53 +0000 (+0200)
Subject: Fixes NB#122697, prevent DoS attacks when replying to emails with malformed "Reply...
X-Git-Tag: 3.0.17-rc27~2
X-Git-Url: http://git.maemo.org/git/?p=modest;a=commitdiff_plain;h=4e20c90f5906916473d0720917f436f570ebb556;ds=sidebyside

Fixes NB#122697, prevent DoS attacks when replying to emails with malformed "Reply-To" or "From" headers
---
diff --git a/src/modest-text-utils.c b/src/modest-text-utils.c
index 7598f04..7032d07 100644
--- a/src/modest-text-utils.c
+++ b/src/modest-text-utils.c
@@ -2008,3 +2008,19 @@ modest_text_utils_remove_duplicate_addresses_list (GSList *address_list)
 return new_list;
 }
+
+gchar *
+modest_text_utils_get_secure_header (gchar *value,
+ const gchar *header)
+{
+ gchar *new_value = value;
+ gchar *needle = g_strrstr (value, header);
+
+ if (needle) {
+ gchar *tmp = value;
+ new_value = g_strdup (needle + strlen (header));
+ g_free (tmp);
+ }
+
+ return new_value;
+}
diff --git a/src/modest-text-utils.h b/src/modest-text-utils.h
index 3608935..ecd1c93 100644
--- a/src/modest-text-utils.h
+++ b/src/modest-text-utils.h
@@ -515,4 +515,17 @@ gchar *modest_text_utils_simplify_recipients (const gchar *recipient);
 */
 GSList *modest_text_utils_remove_duplicate_addresses_list (GSList *address_list);
+/**
+ * modest_text_utils_get_secure_header:
+ * @value: the value of a mail header
+ * @header: the header that we're evaluating
+ *
+ * This function returns the secure value for a header. Basically it
+ * avoids DoS attacks caused by specially malformed headers like for
+ * example. From:From:From...From: some@mail.com
+ *
+ * Returns: returns the secured header
+ **/
+gchar * modest_text_utils_get_secure_header (gchar *value, const gchar *header);
+
 #endif /* __MODEST_TEXT_UTILS_H__ */
diff --git a/src/modest-tny-msg.c b/src/modest-tny-msg.c
index 8e4c86f..82d257f 100644
--- a/src/modest-tny-msg.c
+++ b/src/modest-tny-msg.c
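Review bot: `g_strrstr (value, header)` in `modest_text_utils_get_secure_header` (src/modest-text-utils.c) is a case-sensitive search for the header name anywhere in the value, so a value that repeats the name in another case (`from:from:...`) is returned unchanged, while a legitimate value whose display name happens to contain `From:` is cut at that point. Header field names are case-insensitive, so the repeated-prefix input this commit targets is only partly covered. Stripping the name only while it is a prefix of the value, compared case-insensitively and skipping whitespace between repetitions, avoids both problems and also drops the leading blank the current code leaves in the result. The root cause of NB#122697 is not visible on this page, so confirm that prefix-only stripping still covers the inputs that triggered it.

```c
gchar *
modest_text_utils_get_secure_header (gchar *value,
				     const gchar *header)
{
	gsize header_len;
	const gchar *p;
	gchar *new_value;

	g_return_val_if_fail (value != NULL, NULL);
	g_return_val_if_fail (header != NULL, value);

	header_len = strlen (header);
	p = value;

	/* Strip only leading repetitions of the header name, in any case */
	while (header_len > 0) {
		while (g_ascii_isspace (*p))
			p++;
		if (g_ascii_strncasecmp (p, header, header_len) != 0)
			break;
		p += header_len;
	}

	if (p == value)
		return value;

	/* Ownership of value was passed in: hand back a fresh copy */
	new_value = g_strdup (p);
	g_free (value);
	return new_value;
}
```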
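Review bot: The doc comment for `modest_text_utils_get_secure_header` in src/modest-text-utils.h says nothing about ownership, although the implementation in the .c hunk calls `g_free` on `@value` when it finds a match and returns a `g_strdup` copy, and otherwise returns `@value` itself. A caller that keeps using the pointer it passed in, or that frees both it and the result, ends up with a use-after-free or a double free. I would extend the `@value` line to `@value: the value of a mail header; ownership is taken, do not use it after the call` and replace the return line with `Returns: a newly allocated string, or @value itself if nothing was stripped; free with g_free()`.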
@@ -961,6 +961,8 @@ static gchar*
 get_new_to (TnyMsg *msg, TnyHeader *header, const gchar* from,
 ModestTnyMsgReplyMode reply_mode)
 {
+ const gchar *reply_header = "Reply-To:";
+ const gchar *from_header = "From:";
 gchar* old_reply_to;
 gchar* old_from;
 gchar* new_to;
@@ -981,13 +983,21 @@ get_new_to (TnyMsg *msg, TnyHeader *header, const gchar* from,
 old_reply_to = modest_tny_mime_part_get_header_value (TNY_MIME_PART(msg),
 "Reply-To");
 old_from = tny_header_dup_from (header);
-
+
 if (!old_from && !old_reply_to) {
 g_debug ("%s: failed to get either Reply-To: or From: from header",
 __FUNCTION__);
 return NULL;
 }
-
+
+ /* Prevent DoS attacks caused by malformed emails */
+ if (old_from)
+ old_from = modest_text_utils_get_secure_header (old_from,
+ from_header);
+ if (old_reply_to)
+ old_reply_to = modest_text_utils_get_secure_header (old_reply_to,
+ reply_header);
+
 /* for mailing lists, use both Reply-To and From if we did a
 * 'Reply All:'
 * */
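Review bot: The both-missing check `if (!old_from && !old_reply_to)` in the second hunk runs before the new sanitising calls, so a header made up only of repeated `From:` or `Reply-To:` text comes back as an empty but non-NULL string and is passed on to the code below the hunk as if it were an address. Normalising an empty result to NULL right after the calls, e.g. `if (old_from && !*old_from) { g_free (old_from); old_from = NULL; }` and the same for `old_reply_to`, and moving the both-missing check below that, keeps the existing early return effective. The rest of `get_new_to` lies outside the hunk, so how it treats an empty address cannot be confirmed from here. Any other code path that reads these two headers is presumably still unsanitised and worth checking.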