diff options
author | Aleksander Machniak <alec@alec.pl> | 2013-04-06 19:28:47 +0200 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2013-04-06 19:29:55 +0200 |
commit | 6f4b50abea536bd13a3dc6dde04aaee825dc8c8e (patch) | |
tree | ef2cdae615a0fc8c6f97021dcd094c34730f5857 | |
parent | 9404f4a7a65382a26f01cf48fd9ab43ef7b1a339 (diff) |
Fix handling of invalid characters in message headers and output (#1489032)
Conflicts:
CHANGELOG
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | program/lib/Roundcube/html.php | 12 | ||||
-rw-r--r-- | program/lib/Roundcube/rcube_message.php | 15 | ||||
-rw-r--r-- | program/lib/Roundcube/rcube_message_header.php | 7 | ||||
-rw-r--r-- | program/steps/mail/compose.inc | 8 | ||||
-rw-r--r-- | program/steps/mail/func.inc | 2 | ||||
-rw-r--r-- | program/steps/mail/show.inc | 2 |
7 files changed, 30 insertions, 17 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Fix handling of invalid characters in message headers and output (#1489032) - Avoid race-conditions with concurrent attachment uploads (#1488422) - Fix selecting collapsed rows on select-all (#1489036) - Fix possible header duplicates when using additional headers (#1489033) diff --git a/program/lib/Roundcube/html.php b/program/lib/Roundcube/html.php index 522a82305..b437a9928 100644 --- a/program/lib/Roundcube/html.php +++ b/program/lib/Roundcube/html.php @@ -35,6 +35,7 @@ class html public static $common_attrib = array('id','class','style','title','align'); public static $containers = array('iframe','div','span','p','h1','h2','h3','form','textarea','table','thead','tbody','tr','th','td','style','script'); + /** * Constructor * @@ -332,7 +333,16 @@ class html */ public static function quote($str) { - return @htmlspecialchars($str, ENT_COMPAT, RCUBE_CHARSET); + static $flags; + + if (!$flags) { + $flags = ENT_COMPAT; + if (defined('ENT_SUBSTITUTE')) { + $flags |= ENT_SUBSTITUTE; + } + } + + return @htmlspecialchars($str, $flags, RCUBE_CHARSET); } } diff --git a/program/lib/Roundcube/rcube_message.php b/program/lib/Roundcube/rcube_message.php index 89819c5e6..4e454c60a 100644 --- a/program/lib/Roundcube/rcube_message.php +++ b/program/lib/Roundcube/rcube_message.php @@ -85,12 +85,13 @@ class rcube_message $this->headers = $this->storage->get_message($uid); - if (!$this->headers) + if (!$this->headers) { return; + } $this->mime = new rcube_mime($this->headers->charset); - $this->subject = $this->mime->decode_mime_string($this->headers->subject); + $this->subject = $this->headers->get('subject'); list(, $this->sender) = each($this->mime->decode_address_list($this->headers->from, 1)); $this->set_safe((intval($_GET['_safe']) || $_SESSION['safe_messages'][$this->folder.':'.$uid])); @@ -125,15 +126,11 @@ class rcube_message */ public function get_header($name, $raw = false) { - if (empty($this->headers)) + if (empty($this->headers)) { return null; + } - if ($this->headers->$name) - $value = $this->headers->$name; - else if ($this->headers->others[$name]) - $value = $this->headers->others[$name]; - - return $raw ? $value : $this->mime->decode_header($value); + return $this->headers->get($name, !$raw); } diff --git a/program/lib/Roundcube/rcube_message_header.php b/program/lib/Roundcube/rcube_message_header.php index 274ae7f9f..2c5e2b6c8 100644 --- a/program/lib/Roundcube/rcube_message_header.php +++ b/program/lib/Roundcube/rcube_message_header.php @@ -215,7 +215,12 @@ class rcube_message_header $value = $this->others[$name]; } - return $decode ? rcube_mime::decode_header($value, $this->charset) : $value; + if ($decode) { + $value = rcube_mime::decode_header($value, $this->charset); + $value = rcube_charset::clean($value); + } + + return $value; } /** diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index b75ac5280..a35dab27f 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -211,9 +211,9 @@ if (!empty($msg_uid) && empty($COMPOSE['as_attachment'])) } } else if ($compose_mode == RCUBE_COMPOSE_DRAFT) { - if ($MESSAGE->headers->others['x-draft-info']) { + if ($draft_info = $MESSAGE->headers->get('x-draft-info')) { // get reply_uid/forward_uid to flag the original message when sending - $info = rcmail_draftinfo_decode($MESSAGE->headers->others['x-draft-info']); + $info = rcmail_draftinfo_decode($draft_info); if ($info['type'] == 'reply') $COMPOSE['reply_uid'] = $info['uid']; @@ -230,8 +230,8 @@ if (!empty($msg_uid) && empty($COMPOSE['as_attachment'])) } } - if ($MESSAGE->headers->in_reply_to) - $COMPOSE['reply_msgid'] = '<'.$MESSAGE->headers->in_reply_to.'>'; + if ($in_reply_to = $MESSAGE->headers->get('in-reply-to')) + $COMPOSE['reply_msgid'] = '<' . $in_reply_to . '>'; $COMPOSE['references'] = $MESSAGE->headers->references; } diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 92f32f910..1ce5abf66 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -888,7 +888,7 @@ function rcmail_washtml_callback($tagname, $attrib, $content, $washtml) * return table with message headers */ function rcmail_message_headers($attrib, $headers=null) - { +{ global $OUTPUT, $MESSAGE, $PRINT_MODE, $RCMAIL; static $sa_attrib; diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc index 437dbaafa..b01989ad8 100644 --- a/program/steps/mail/show.inc +++ b/program/steps/mail/show.inc @@ -97,7 +97,7 @@ if ($uid = get_input_value('_uid', RCUBE_INPUT_GET)) { $OUTPUT->set_env('skip_deleted', true); if ($CONFIG['display_next']) $OUTPUT->set_env('display_next', true); - if ($MESSAGE->headers->others['list-post']) + if ($MESSAGE->headers->get('list-post', false)) $OUTPUT->set_env('list_post', true); if ($CONFIG['forward_attachment']) $OUTPUT->set_env('forward_attachment', true); |