guix/gnu/packages/patches/evolution-CVE-2020-11879.patch
Léo Le Bouter a2943e36c7
gnu: evolution: Fix CVE-2020-11879.
* gnu/packages/patches/evolution-CVE-2020-11879.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/gnome.scm (evolution): Apply it.
2021-03-11 01:19:40 +01:00

122 lines
4.2 KiB
Diff

From 6489f20d6905cc797e2b2581c415e558c457caa7 Mon Sep 17 00:00:00 2001
From: Milan Crha <mcrha@redhat.com>
Date: Wed, 12 Feb 2020 18:59:52 +0100
Subject: [PATCH] I#784 - Warn about and limit what can be attached using
mailto: URI
Closes https://gitlab.gnome.org/GNOME/evolution/issues/784
---
src/composer/e-msg-composer.c | 58 +++++++++++++++++++++++++++++------
src/e-util/e-system.error.xml | 7 ++++-
2 files changed, 54 insertions(+), 11 deletions(-)
diff --git a/src/composer/e-msg-composer.c b/src/composer/e-msg-composer.c
index e4c9ac095e..cd3168d882 100644
--- a/src/composer/e-msg-composer.c
+++ b/src/composer/e-msg-composer.c
@@ -4761,7 +4761,8 @@ handle_mailto (EMsgComposer *composer,
gchar *header, *content, *buf;
gsize nread, nwritten;
const gchar *p;
- gint len, clen;
+ gint len, clen, has_attachments = 0;
+ gboolean has_blacklisted_attachment = FALSE;
table = e_msg_composer_get_header_table (composer);
view = e_msg_composer_get_attachment_view (composer);
@@ -4844,22 +4845,36 @@ handle_mailto (EMsgComposer *composer,
} else if (!g_ascii_strcasecmp (header, "attach") ||
!g_ascii_strcasecmp (header, "attachment")) {
EAttachment *attachment;
+ GFile *file;
camel_url_decode (content);
- if (file_is_blacklisted (content))
- e_alert_submit (
- E_ALERT_SINK (e_msg_composer_get_editor (composer)),
- "mail:blacklisted-file",
- content, NULL);
if (g_ascii_strncasecmp (content, "file:", 5) == 0)
attachment = e_attachment_new_for_uri (content);
else
attachment = e_attachment_new_for_path (content);
- e_attachment_store_add_attachment (store, attachment);
- e_attachment_load_async (
- attachment, (GAsyncReadyCallback)
- e_attachment_load_handle_error, composer);
+ file = e_attachment_ref_file (attachment);
+ if (!file || !g_file_peek_path (file) ||
+ !g_file_test (g_file_peek_path (file), G_FILE_TEST_EXISTS) ||
+ g_file_test (g_file_peek_path (file), G_FILE_TEST_IS_DIR)) {
+ /* Do nothing, simply ignore the attachment request */
+ } else {
+ has_attachments++;
+
+ if (file_is_blacklisted (content)) {
+ has_blacklisted_attachment = TRUE;
+ e_alert_submit (
+ E_ALERT_SINK (e_msg_composer_get_editor (composer)),
+ "mail:blacklisted-file",
+ content, NULL);
+ }
+
+ e_attachment_store_add_attachment (store, attachment);
+ e_attachment_load_async (
+ attachment, (GAsyncReadyCallback)
+ e_attachment_load_handle_error, composer);
+ }
g_object_unref (attachment);
+ g_clear_object (&file);
} else if (!g_ascii_strcasecmp (header, "from")) {
/* Ignore */
} else if (!g_ascii_strcasecmp (header, "reply-to")) {
@@ -4883,6 +4898,29 @@ handle_mailto (EMsgComposer *composer,
g_free (buf);
+ if (has_attachments && !has_blacklisted_attachment) {
+ const gchar *primary;
+ gchar *secondary;
+
+ primary = g_dngettext (GETTEXT_PACKAGE,
+ "Review attachment before sending.",
+ "Review attachments before sending.",
+ has_attachments);
+
+ secondary = g_strdup_printf (g_dngettext (GETTEXT_PACKAGE,
+ "There had been added %d attachment. Make sure it does not contain any sensitive information before sending the message.",
+ "There had been added %d attachments. Make sure they do not contain any sensitive information before sending the message.",
+ has_attachments),
+ has_attachments);
+
+ e_alert_submit (
+ E_ALERT_SINK (e_msg_composer_get_editor (composer)),
+ "system:generic-warning",
+ primary, secondary, NULL);
+
+ g_free (secondary);
+ }
+
merge_always_cc_and_bcc (table, to, &cc, &bcc);
tov = destination_list_to_vector (to);
diff --git a/src/e-util/e-system.error.xml b/src/e-util/e-system.error.xml
index ddcf989fda..02facb7d26 100644
--- a/src/e-util/e-system.error.xml
+++ b/src/e-util/e-system.error.xml
@@ -1,6 +1,11 @@
<?xml version="1.0"?>
<error-list domain="system">
- <error type="error" id="generic-error">
+ <error id="generic-error" type="error">
+ <primary>{0}</primary>
+ <secondary>{1}</secondary>
+ </error>
+
+ <error id="generic-warning" type="warning">
<primary>{0}</primary>
<secondary>{1}</secondary>
</error>
--
GitLab