diff options
Diffstat (limited to 'mail')
-rw-r--r-- | mail/ChangeLog | 17 | ||||
-rw-r--r-- | mail/mail-display.c | 5 | ||||
-rw-r--r-- | mail/mail-format.c | 33 |
3 files changed, 10 insertions, 45 deletions
diff --git a/mail/ChangeLog b/mail/ChangeLog index a8be5524cc..ec8c9e200c 100644 --- a/mail/ChangeLog +++ b/mail/ChangeLog @@ -1,22 +1,5 @@ 2003-03-12 Jeffrey Stedfast <fejj@ximian.com> - Security vulnerability fixes. - - * mail-display.c (do_external_viewer): Make sure that we don't - launch a bonobo control to view a mime-type that we handle - internally, otherwise maliciously formed HTML mail using <object> - tags could potentially launch a bonobo vontrol to view the mime - part bypassing any checks that Evolution might do on the data - normally. - - * mail-format.c (handle_text_html, attachment_header) - (handle_image, handle_via_bonobo): Encode the result from - get_cid() so that malicious Content-Id strings cannot bypass the - user's preference to not load http images, force a bonobo control - to load passing it arbitrary data, etc. - -2003-03-12 Jeffrey Stedfast <fejj@ximian.com> - * mail-signature-editor.c (menu_file_save_cb): Rewritten to do the same as the composer's build_message() code. diff --git a/mail/mail-display.c b/mail/mail-display.c index 955de714ea..83387bde92 100644 --- a/mail/mail-display.c +++ b/mail/mail-display.c @@ -1081,11 +1081,6 @@ do_external_viewer (GtkHTML *html, GtkHTMLEmbedded *eb, CORBA_Environment ev; CamelStreamMem *cstream; BonoboStream *bstream; - MailMimeHandler *handler; - - handler = mail_lookup_handler (eb->type); - if (!handler || handler->builtin) - return FALSE; component = gnome_vfs_mime_get_default_component (eb->type); if (!component) diff --git a/mail/mail-format.c b/mail/mail-format.c index 9e24a1c065..67a4604b2c 100644 --- a/mail/mail-format.c +++ b/mail/mail-format.c @@ -613,7 +613,7 @@ static void attachment_header (CamelMimePart *part, const char *mime_type, MailDisplay *md, MailDisplayStream *stream) { - char *htmlinfo, *cid_html; + char *htmlinfo; const char *info; /* Start the table, create the pop-up object. */ @@ -622,10 +622,8 @@ attachment_header (CamelMimePart *part, const char *mime_type, MailDisplay *md, "<tr><td></td></tr></table></td>"); if (!md->printing) { - cid_html = camel_text_to_html (get_cid (part, md), 0, 0); camel_stream_printf ((CamelStream *) stream, "<td><object classid=\"popup:%s\"" - "type=\"%s\"></object></td>", cid_html, mime_type); - g_free (cid_html); + "type=\"%s\"></object></td>", get_cid (part, md), mime_type); } camel_stream_write_string ((CamelStream *) stream, "<td><table width=3 cellspacing=0 cellpadding=0>" @@ -1281,7 +1279,6 @@ handle_text_html (CamelMimePart *part, const char *mime_type, MailDisplay *md, MailDisplayStream *stream) { const char *location, *base; - char *buf; camel_stream_write_string ((CamelStream *) stream, "\n<!-- text/html -->\n"); @@ -1306,10 +1303,8 @@ handle_text_html (CamelMimePart *part, const char *mime_type, if (!location) location = get_cid (part, md); - buf = camel_text_to_html (location, 0, 0); camel_stream_printf ((CamelStream *) stream, "<iframe src=\"%s\" frameborder=0 " - "scrolling=no>could not get %s</iframe>", buf, buf); - g_free (buf); + "scrolling=no>could not get %s</iframe>", location, location); return TRUE; } @@ -1317,12 +1312,8 @@ handle_text_html (CamelMimePart *part, const char *mime_type, static gboolean handle_image (CamelMimePart *part, const char *mime_type, MailDisplay *md, MailDisplayStream *stream) { - char *buf; - - buf = camel_text_to_html (get_cid (part, md), 0, 0); - camel_stream_printf ((CamelStream *) stream, "<img hspace=10 vspace=10 src=\"%s\">", buf); - g_free (buf); - + camel_stream_printf ((CamelStream *) stream, "<img hspace=10 vspace=10 src=\"%s\">", + get_cid (part, md)); return TRUE; } @@ -1823,15 +1814,11 @@ static gboolean handle_via_bonobo (CamelMimePart *part, const char *mime_type, MailDisplay *md, MailDisplayStream *stream) { - char *buf; - - if (md->printing) - return TRUE; - - buf = camel_text_to_html (get_cid (part, md), 0, 0); - camel_stream_printf ((CamelStream *) stream, "<object classid=\"%s\" type=\"%s\"></object>", - buf, mime_type); - g_free (buf); + if (!md->printing) { + camel_stream_printf ((CamelStream *) stream, + "<object classid=\"%s\" type=\"%s\"></object>", + get_cid (part, md), mime_type); + } return TRUE; } |