Commit 588c4107 authored by Matthew Barnes's avatar Matthew Barnes

Bug 657374 - mailto: attachment parameter can lead to accidental data exfiltration

parent 64968a87
......@@ -4003,6 +4003,35 @@ merge_always_cc_and_bcc (EComposerHeaderTable *table,
e_destination_freev (addrv);
}
static const gchar *blacklist[] = { ".", "etc", ".." };
static gboolean
file_is_blacklisted (const gchar *filename)
{
gboolean blacklisted = FALSE;
guint ii, jj, n_parts;
gchar **parts;
parts = g_strsplit (filename, G_DIR_SEPARATOR_S, -1);
n_parts = g_strv_length (parts);
for (ii = 0; ii < G_N_ELEMENTS (blacklist); ii++) {
for (jj = 0; jj < n_parts; jj++) {
if (g_str_has_prefix (parts[jj], blacklist[ii])) {
blacklisted = TRUE;
break;
}
}
}
g_strfreev (parts);
if (blacklisted)
g_message ("Skipping suspicious attachment: %s", filename);
return blacklisted;
}
static void
handle_mailto (EMsgComposer *composer,
const gchar *mailto)
......@@ -4096,6 +4125,8 @@ handle_mailto (EMsgComposer *composer,
EAttachment *attachment;
camel_url_decode (content);
if (file_is_blacklisted (content))
goto next;
if (g_ascii_strncasecmp (content, "file:", 5) == 0)
attachment = e_attachment_new_for_uri (content);
else
......@@ -4115,6 +4146,7 @@ handle_mailto (EMsgComposer *composer,
e_msg_composer_add_header (composer, header, content);
}
next:
g_free (content);
p += clen;
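Review bot: The denylist in `file_is_blacklisted` (first hunk) is a prefix match on path components, so it stops `.`-prefixed and `etc*` components but nothing else a mailto: link can name on the filesystem; as a defence it is only as strong as the list, and the `".."` entry is already covered by `"."` because `g_str_has_prefix ("..", ".")` is true. The check also runs on `content` after a single `camel_url_decode` (second hunk), while `e_attachment_new_for_uri` interprets the URI on its own terms, so if a component is still encoded at that point the two may disagree; consider normalising before checking, e.g. `GFile *file = g_file_new_for_uri (content); gchar *path = g_file_get_path (file);` and splitting `path` when it is non-NULL, or asking the user to confirm any attachment added from a mailto: link rather than relying on the list alone. Minor style point: the inner `break` only leaves the `jj` loop, so the outer loop keeps scanning after a match; `goto done;` or testing `blacklisted` in the outer loop condition would make the intent explicit, and `static const gchar *const blacklist[]` would make the table itself read-only. The body of `handle_mailto` starts and ends outside these hunks, so the `next:` label's other callers are not visible here.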