* src/common/utils.c
fix debian bug #448814, 'mailto: URI decoding
desn't decode the destination address field'
Patch by Federico Heinz <fheinz@vialibre.org.ar>
+2007-11-03 [paul] 3.0.2cvs113
+
+ * src/common/utils.c
+ fix debian bug #448814, 'mailto: URI decoding
+ desn't decode the destination address field'
+ Patch by Federico Heinz <fheinz@vialibre.org.ar>
+
2007-11-03 [paul] 3.0.2cvs112
* AUTHORS
2007-11-03 [paul] 3.0.2cvs112
* AUTHORS
( cvs diff -u -r 1.1.2.16 -r 1.1.2.17 src/ldapupdate.c; ) > 3.0.2cvs110.patchset
( cvs diff -u -r 1.60.2.103 -r 1.60.2.104 src/addressbook.c; ) > 3.0.2cvs111.patchset
( cvs diff -u -r 1.100.2.56 -r 1.100.2.57 AUTHORS; cvs diff -u -r 1.382.2.418 -r 1.382.2.419 src/compose.c; cvs diff -u -r 1.1.2.42 -r 1.1.2.43 src/gtk/authors.h; ) > 3.0.2cvs112.patchset
( cvs diff -u -r 1.1.2.16 -r 1.1.2.17 src/ldapupdate.c; ) > 3.0.2cvs110.patchset
( cvs diff -u -r 1.60.2.103 -r 1.60.2.104 src/addressbook.c; ) > 3.0.2cvs111.patchset
( cvs diff -u -r 1.100.2.56 -r 1.100.2.57 AUTHORS; cvs diff -u -r 1.382.2.418 -r 1.382.2.419 src/compose.c; cvs diff -u -r 1.1.2.42 -r 1.1.2.43 src/gtk/authors.h; ) > 3.0.2cvs112.patchset
+( cvs diff -u -r 1.36.2.121 -r 1.36.2.122 src/common/utils.c; ) > 3.0.2cvs113.patchset
MICRO_VERSION=2
INTERFACE_AGE=0
BINARY_AGE=0
MICRO_VERSION=2
INTERFACE_AGE=0
BINARY_AGE=0
EXTRA_RELEASE=
EXTRA_GTK2_VERSION=
EXTRA_RELEASE=
EXTRA_GTK2_VERSION=
decode_uri_with_plus(decoded_uri, encoded_uri, TRUE);
}
decode_uri_with_plus(decoded_uri, encoded_uri, TRUE);
}
+static gchar *decode_uri_gdup(const gchar *encoded_uri)
+{
+ gchar *buffer = g_malloc(strlen(encoded_uri)+1);
+ decode_uri(buffer, encoded_uri);
+ return buffer;
+}
+
gint scan_mailto_url(const gchar *mailto, gchar **to, gchar **cc, gchar **bcc,
gchar **subject, gchar **body, gchar **attach)
{
gint scan_mailto_url(const gchar *mailto, gchar **to, gchar **cc, gchar **bcc,
gchar **subject, gchar **body, gchar **attach)
{
- *to = g_strdup(tmp_mailto);
+ *to = decode_uri_gdup(tmp_mailto);
while (p) {
gchar *field, *value;
while (p) {
gchar *field, *value;
if (*value == '\0') continue;
if (cc && !*cc && !g_ascii_strcasecmp(field, "cc")) {
if (*value == '\0') continue;
if (cc && !*cc && !g_ascii_strcasecmp(field, "cc")) {
+ *cc = decode_uri_gdup(value);
} else if (bcc && !*bcc && !g_ascii_strcasecmp(field, "bcc")) {
} else if (bcc && !*bcc && !g_ascii_strcasecmp(field, "bcc")) {
- *bcc = g_strdup(value);
+ *bcc = decode_uri_gdup(value);
} else if (subject && !*subject &&
!g_ascii_strcasecmp(field, "subject")) {
} else if (subject && !*subject &&
!g_ascii_strcasecmp(field, "subject")) {
- *subject = g_malloc(strlen(value) + 1);
- decode_uri(*subject, value);
+ *subject = decode_uri_gdup(value);
} else if (body && !*body && !g_ascii_strcasecmp(field, "body")) {
} else if (body && !*body && !g_ascii_strcasecmp(field, "body")) {
- *body = g_malloc(strlen(value) + 1);
- decode_uri(*body, value);
+ *body = decode_uri_gdup(value);
} else if (attach && !*attach && !g_ascii_strcasecmp(field, "attach")) {
int i = 0;
} else if (attach && !*attach && !g_ascii_strcasecmp(field, "attach")) {
int i = 0;
- *attach = g_malloc(strlen(value) + 1);
- decode_uri(*attach, value);
+ *attach = decode_uri_gdup(value);
for (; forbidden_uris[i]; i++) {
if (strstr(*attach, forbidden_uris[i])) {
g_print("Refusing to attach '%s', potential private data leak\n",
for (; forbidden_uris[i]; i++) {
if (strstr(*attach, forbidden_uris[i])) {
g_print("Refusing to attach '%s', potential private data leak\n",