Hi all,

I hadn't noticed this one before. mutt CVS does indeed allow attachments to have (and keep) arbitrary paths, which can't be good. Okay, you have to be not paying attention in order to overwrite files, but why give people the chance?

Please try the attached patch, which sanitises the filename first. I think I've caught all the code paths mutt uses to save attachments.

We could also use basename, but then you've (a) lost information and (b) got to worry about it modifying buffers. This seems better.

-- 
Paul

> Who on earth would want a double-headed mop? Is there some strange martial
> art which needs one?

Two words: Sith housecleaners.
-- Quentin Stephens and Matt McLeod
diff -r 0a6ead90106e recvattach.c --- a/recvattach.c Wed Mar 15 12:35:09 2006 +0000 +++ b/recvattach.c Thu Mar 23 22:32:21 2006 +0000 @@ -408,6 +408,9 @@ static int mutt_query_save_attachment (F else buf[0] = 0; + /* Remove any paths or bad characters */ + mutt_sanitize_filename (buf, 1); + prompt = _("Save to file: "); while (prompt) { @@ -485,6 +488,10 @@ void mutt_save_attachment_list (FILE *fp int append = 0; strfcpy (buf, NONULL (top->filename), sizeof (buf)); + + /* Remove any paths or bad characters */ + mutt_sanitize_filename (buf, 1); + if (mutt_get_field (_("Save to file: "), buf, sizeof (buf), M_FILE | M_CLEAR) != 0 || !buf[0]) return;
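Review bot: the second argument to mutt_sanitize_filename is a bare `1` in both hunks, and that flag (rewrite `/` as well as the other unsafe bytes) is exactly what turns this from a character cleanup into a path-stripping fix, so the identical `/* Remove any paths or bad characters */` comments should name it, e.g. `/* slash=1: also turn '/' into '_' so the default name cannot leave the save directory */`. Both calls sit before the `Save to file:` prompt (`mutt_get_field` in the second hunk), so only the attachment-supplied default is sanitised and whatever the user types is left alone; that is the right boundary, but it deserves a sentence in the commit message, since a reader of the first hunk could otherwise ask why the edited value is not sanitised too. The two identical comment-plus-call pairs are also a candidate for a small helper, so that any save path added later gets the same treatment rather than being missed.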
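The behaviour the patch relies on, as an added example written for this page and not mutt's own code: a sanitiser that rewrites every byte outside a whitelist to `_`, with a flag that decides whether `/` is rewritten too, applied to a constructed hostile attachment name. The whitelist `safe_chars` and the helper names are assumptions of the example.

```c
#include <stdio.h>
#include <string.h>

/* Bytes allowed to survive in a saved attachment name.
 * Assumed whitelist for this example, not mutt's own table. */
static const char safe_chars[] =
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "0123456789-_.:/";

/* Rewrite f in place: every byte outside safe_chars becomes '_'.
 * When slash is nonzero, '/' is rewritten as well, so the result can
 * only ever name a file inside the directory the user is saving into. */
static void sanitize_filename(char *f, int slash)
{
    for (; *f; f++) {
        if ((slash && *f == '/') || strchr(safe_chars, *f) == NULL)
            *f = '_';
    }
}

/* Convenience wrapper: sanitise a copy of `in` and return it.
 * Uses one static buffer, so each call overwrites the previous result. */
static const char *sanitize_copy(const char *in, int slash)
{
    static char out[256];
    strncpy(out, in, sizeof(out) - 1);
    out[sizeof(out) - 1] = '\0';
    sanitize_filename(out, slash);
    return out;
}

/* Does the name still carry a directory component? */
static int has_path(const char *f)
{
    return strchr(f, '/') != NULL;
}

int main(void)
{
    /* Constructed Content-Disposition filename that tries to climb out
     * of the save directory; the patch's slash=1 call defuses it. */
    const char *hostile = "../../.bashrc";
    printf("default  : %s\n", sanitize_copy(hostile, 1));
    /* A path the user typed at the prompt is not sanitised at all; with
     * slash=0 the '/' would survive, which is why the patch sanitises
     * only the default and not the prompt's result. */
    printf("user path: %s\n", sanitize_copy("/tmp/report.pdf", 0));
    return 0;
}
```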