diff options
author | alecpl <alec@alec.pl> | 2011-11-25 13:47:07 +0000 |
---|---|---|
committer | alecpl <alec@alec.pl> | 2011-11-25 13:47:07 +0000 |
commit | e0960f6365b4b0af314d955847b9422067c83eb2 (patch) | |
tree | 158714b9d499cd6bdb5dec392de13c178a129ea3 /program/steps/mail | |
parent | 9b33118bf57345fed8ca0d250b492a8d0e711730 (diff) |
- Prevent from memory_limit exceeding when trying to parse big messages bodies (#1487424):
don't try to parse it, display notice with a link to download it directly
Diffstat (limited to 'program/steps/mail')
-rw-r--r-- | program/steps/mail/func.inc | 43 | ||||
-rw-r--r-- | program/steps/mail/get.inc | 24 |
2 files changed, 47 insertions, 20 deletions
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 22ad7d562..b06feda7e 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -972,7 +972,7 @@ function rcmail_message_full_headers($attrib, $headers=NULL) * @return string HTML content showing the message body */ function rcmail_message_body($attrib) - { +{ global $CONFIG, $OUTPUT, $MESSAGE, $IMAP, $RCMAIL, $REMOTE_OBJECTS; if (!is_array($MESSAGE->parts) && empty($MESSAGE->body)) @@ -989,14 +989,20 @@ function rcmail_message_body($attrib) if (preg_match('/^headertable([a-z]+)$/i', $attr, $regs)) $header_attrib[$regs[1]] = $value; - if (!empty($MESSAGE->parts)) - { - foreach ($MESSAGE->parts as $i => $part) - { + if (!empty($MESSAGE->parts)) { + foreach ($MESSAGE->parts as $i => $part) { if ($part->type == 'headers') $out .= rcmail_message_headers(sizeof($header_attrib) ? $header_attrib : NULL, $part->headers); - else if ($part->type == 'content' && $part->size) - { + else if ($part->type == 'content' && $part->size) { + // Check if we have enough memory to handle the message in it + // #1487424: we need up to 10x more memory than the body + if (!rcmail_mem_check($part->size * 10)) { + $out .= html::span('part-notice', rcube_label('messagetoobig'). ' ' + . html::a('?_task=mail&_action=get&_download=1&_uid='.$MESSAGE->uid.'&_part='.$part->mime_id + .'&_mbox='. urlencode($IMAP->get_mailbox_name()), rcube_label('download'))); + continue; + } + if (empty($part->ctype_parameters) || empty($part->ctype_parameters['charset'])) $part->ctype_parameters['charset'] = $MESSAGE->headers->charset; @@ -1030,16 +1036,25 @@ function rcmail_message_body($attrib) } else $out .= html::div('message-part', $plugin['prefix'] . $body); - } } } + } else { - $plugin = $RCMAIL->plugins->exec_hook('message_body_prefix', array( - 'part' => $MESSAGE, 'prefix' => '')); + // Check if we have enough memory to handle the message in it + // #1487424: we need up to 10x more memory than the body + if (!rcmail_mem_check(strlen($MESSAGE->body) * 10)) { + $out .= html::span('part-notice', rcube_label('messagetoobig'). ' ' + . html::a('?_task=mail&_action=get&_download=1&_uid='.$MESSAGE->uid.'&_part=0' + .'&_mbox='. urlencode($IMAP->get_mailbox_name()), rcube_label('download'))); + } + else { + $plugin = $RCMAIL->plugins->exec_hook('message_body_prefix', array( + 'part' => $MESSAGE, 'prefix' => '')); - $out .= html::div('message-part', $plugin['prefix'] . html::tag('pre', array(), - rcmail_plain_body(Q($MESSAGE->body, 'strict', false)))); + $out .= html::div('message-part', $plugin['prefix'] . html::tag('pre', array(), + rcmail_plain_body(Q($MESSAGE->body, 'strict', false)))); } + } // list images after mail body if ($CONFIG['inline_images'] && !empty($MESSAGE->attachments)) { @@ -1057,7 +1072,7 @@ function rcmail_message_body($attrib) 'title' => $attach_prop->filename, 'alt' => $attach_prop->filename, ))); - } + } } } @@ -1066,7 +1081,7 @@ function rcmail_message_body($attrib) $OUTPUT->set_env('blockedobjects', true); return html::div($attrib, $out); - } +} /** diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc index 828f8debc..a0ea3e163 100644 --- a/program/steps/mail/get.inc +++ b/program/steps/mail/get.inc @@ -70,7 +70,7 @@ if (!empty($_GET['_frame'])) { exit; } -else if ($pid = get_input_value('_part', RCUBE_INPUT_GET)) { +else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) { if ($part = $MESSAGE->mime_parts[$pid]) { $ctype_primary = strtolower($part->ctype_primary); @@ -109,18 +109,30 @@ else if ($pid = get_input_value('_part', RCUBE_INPUT_GET)) { // deliver part content if ($ctype_primary == 'text' && $ctype_secondary == 'html' && empty($plugin['download'])) { - // get part body if not available - if (!$part->body) - $part->body = $MESSAGE->get_part_content($part->mime_id); + // Check if we have enough memory to handle the message in it + // #1487424: we need up to 10x more memory than the body + if (!rcmail_mem_check($part->size * 10)) { + $out = '<body>' . rcube_label('messagetoobig'). ' ' + . html::a('?_task=mail&_action=get&_download=1&_uid='.$MESSAGE->uid.'&_part='.$part->mime_id + .'&_mbox='. urlencode($IMAP->get_mailbox_name()), rcube_label('download')) . '</body></html>'; + } + else { + // get part body if not available + if (!$part->body) + $part->body = $MESSAGE->get_part_content($part->mime_id); + + $out = rcmail_print_body($part, array('safe' => $MESSAGE->is_safe, 'inline_html' => false)); + } $OUTPUT = new rcube_html_page(); - $OUTPUT->write(rcmail_print_body($part, array('safe' => $MESSAGE->is_safe, 'inline_html' => false))); + $OUTPUT->write($out); } else { // don't kill the connection if download takes more than 30 sec. @set_time_limit(0); - $filename = $part->filename ? $part->filename : ($MESSAGE->subject ? $MESSAGE->subject : 'roundcube') . '.'.$ctype_secondary; + $ext = '.' . ($mimetype == 'text/plain' ? 'txt' : $ctype_secondary); + $filename = $part->filename ? $part->filename : ($MESSAGE->subject ? $MESSAGE->subject : 'roundcube') . $ext; $filename = preg_replace('[\r\n]', '', $filename); if ($browser->ie && $browser->ver < 7) |