2005-05-03 [colin] 1.9.6cvs49
authorColin Leroy <colin@colino.net>
Tue, 3 May 2005 16:21:06 +0000 (16:21 +0000)
committerColin Leroy <colin@colino.net>
Tue, 3 May 2005 16:21:06 +0000 (16:21 +0000)
        * src/procmime.c
                Fix possible DOS in mime parser
                (see bug #634)

ChangeLog-gtk2.claws
PATCHSETS
configure.ac
src/procmime.c

index ddf81ab896d4df5ebffa53ad344ec57d67567dc6..b9f3aa44ff0c8b87f915e5f070bddfb3d9a869bc 100644 (file)
@@ -1,3 +1,9 @@
+2005-05-03 [colin]     1.9.6cvs49
+
+       * src/procmime.c
+               Fix possible DOS in mime parser
+               (see bug #634)
+
 2005-05-02 [colin]     1.9.6cvs48
 
        * src/compose.c
index 5964ba347cac8a839ca640661cbe559486bf00b0..76a6cdf3fdceb719705d8b49de0c1f03b1cdd157 100644 (file)
--- a/PATCHSETS
+++ b/PATCHSETS
 ( cvs diff -u -r 1.94.2.50 -r 1.94.2.51 src/messageview.c; cvs diff -u -r 1.204.2.35 -r 1.204.2.36 src/prefs_common.c; cvs diff -u -r 1.103.2.14 -r 1.103.2.15 src/prefs_common.h; cvs diff -u -r 1.59.2.15 -r 1.59.2.16 src/prefs_filtering.c; ) > 1.9.6cvs46.patchset
 ( cvs diff -u -r 1.49.2.10 -r 1.49.2.11 src/prefs_account.h; cvs diff -u -r 1.150.2.22 -r 1.150.2.23 src/procmsg.c; cvs diff -u -r 1.17.2.8 -r 1.17.2.9 src/send_message.c; cvs diff -u -r 1.11.2.9 -r 1.11.2.10 src/common/smtp.c; cvs diff -u -r 1.6.2.5 -r 1.6.2.6 src/common/smtp.h; ) > 1.9.6cvs47.patchset
 ( cvs diff -u -r 1.382.2.118 -r 1.382.2.119 src/compose.c; ) > 1.9.6cvs48.patchset
+( cvs diff -u -r 1.49.2.38 -r 1.49.2.39 src/procmime.c; ) > 1.9.6cvs49.patchset
index bbf493d8ba7f4066bd5e3cc8a7ebd6a650a0ac68..103f7f53085caecd9186385ce5b3ba6f1b98d330 100644 (file)
@@ -11,7 +11,7 @@ MINOR_VERSION=9
 MICRO_VERSION=6
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=48
+EXTRA_VERSION=49
 EXTRA_RELEASE=
 EXTRA_GTK2_VERSION=
 
index 48178f35059babe638ad3827b47e9123d668348b..5f3bb008bd9a4cf57baec89391ffe56c6cdb031f 100644 (file)
@@ -1200,7 +1200,7 @@ gchar *procmime_get_content_type_str(MimeMediaType type,
        return g_strdup_printf("%s/%s", type_str, subtype);
 }
 
-void procmime_parse_mimepart(MimeInfo *parent,
+int procmime_parse_mimepart(MimeInfo *parent,
                             gchar *content_type,
                             gchar *content_encoding,
                             gchar *content_description,
@@ -1302,6 +1302,7 @@ void procmime_parse_multipart(MimeInfo *mimeinfo)
        gint boundary_len = 0, lastoffset = -1, i;
        gchar buf[BUFFSIZE];
        FILE *fp;
+       int result = 0;
 
        boundary = g_hash_table_lookup(mimeinfo->typeparameters, "boundary");
        if (!boundary)
@@ -1316,13 +1317,13 @@ void procmime_parse_multipart(MimeInfo *mimeinfo)
                return;
        }
        fseek(fp, mimeinfo->offset, SEEK_SET);
-       while ((p = fgets(buf, sizeof(buf), fp)) != NULL) {
+       while ((p = fgets(buf, sizeof(buf), fp)) != NULL && result == 0) {
                if (ftell(fp) > (mimeinfo->offset + mimeinfo->length))
                        break;
 
                if (IS_BOUNDARY(buf, boundary, boundary_len)) {
                        if (lastoffset != -1) {
-                               procmime_parse_mimepart(mimeinfo,
+                               result = procmime_parse_mimepart(mimeinfo,
                                                        hentry[0].body, hentry[1].body,
                                                        hentry[2].body, hentry[3].body, 
                                                        hentry[4].body, 
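Review bot: The -1 that procmime_parse_mimepart now returns ends this loop through the added `result == 0` test, but procmime_parse_multipart itself stays `void` (its prototype is unchanged in the hunk that introduces `int result = 0;`), so a tree truncated at the depth limit looks to every caller exactly like a fully parsed message. A comment at the loop should at least make the silent truncation explicit, e.g. `/* result != 0: depth limit hit in procmime_parse_mimepart; the remaining parts are dropped */`, or the function could be made to return `result` so the truncation can be surfaced to the user. Because `result == 0` is tested after `fgets`, one further line is consumed before the loop exits, which is harmless here. The body of procmime_parse_multipart continues past the hunk, so whether the final part after the closing boundary is still parsed when `result` is -1 cannot be seen here and is worth checking.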
@@ -1589,7 +1590,7 @@ static void procmime_parse_content_encoding(const gchar *content_encoding, MimeI
        return;
 }
 
-void procmime_parse_mimepart(MimeInfo *parent,
+int procmime_parse_mimepart(MimeInfo *parent,
                             gchar *content_type,
                             gchar *content_encoding,
                             gchar *content_description,
@@ -1604,8 +1605,17 @@ void procmime_parse_mimepart(MimeInfo *parent,
        /* Create MimeInfo */
        mimeinfo = procmime_mimeinfo_new();
        mimeinfo->content = MIMECONTENT_FILE;
-       if (parent != NULL)
+       if (parent != NULL) {
+               if (g_node_depth(parent->node) > 32) {
+                       /* 32 is an arbitrary value
+                        * this avoids DOSsing ourselves 
+                        * with enormous messages
+                        */
+                       procmime_mimeinfo_free_all(mimeinfo);
+                       return -1;                      
+               }
                g_node_append(parent->node, mimeinfo->node);
+       }
        mimeinfo->data.filename = g_strdup(filename);
        mimeinfo->offset = offset;
        mimeinfo->length = length;
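Review bot: The depth limit is a bare literal `32` inside the condition, with a comment admitting it is arbitrary; giving it a name makes the bound discoverable and lets the multipart caller and any test refer to the same value, e.g. `enum { MIME_MAX_DEPTH = 32 };` near the top of the file and `if (g_node_depth(parent->node) > MIME_MAX_DEPTH) {`. The early return sits before g_node_append and before the g_strdup assignments that follow, so freeing `mimeinfo` with procmime_mimeinfo_free_all leaves nothing attached or dangling. The rejection is silent, though; a debug log line next to the `return -1;` would make a message that was cut short diagnosable from the logs rather than appearing as a message with fewer parts. Any other callers of procmime_parse_mimepart outside this diff, if they exist, will now compile while discarding the new return value, so they are worth auditing.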
@@ -1656,6 +1666,8 @@ void procmime_parse_mimepart(MimeInfo *parent,
                default:
                        break;
        }
+
+       return 0;
 }
 
 static gchar *typenames[] = {