Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)
* Wed Jul 12 2006 Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
> > IIRC, Thomas prefers rfc2368sec.4:
> > http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.4
> > http://thread.gmane.org/gmane.mail.mutt.devel/7507/focus=7522
>
> Looking at this, I guess I'd like to throw out the
> OPTCONFIRMHEADERS part of it, and just stick to (a) prepending
> the X-Mailto-URL-... (or maybe just X-Mailto) prefix, and (b)
> overriding ask-cc and ask-bcc as the patch does.
>
> Mind preparing a version that does this?
Well, quick diff is here. Not tested yet.
--
tamo
? scr.txt
? utf8.txt
Index: send.c
===================================================================
RCS file: /home/roessler/cvs/mutt/send.c,v
retrieving revision 3.45
diff -p -u -r3.45 send.c
--- send.c 9 Jan 2006 19:43:59 -0000 3.45
+++ send.c 13 Jul 2006 09:24:51 -0000
@@ -220,9 +220,9 @@ static int edit_envelope (ENVELOPE *en)
if (edit_address (&en->to, "To: ") == -1 || en->to == NULL)
return (-1);
- if (option (OPTASKCC) && edit_address (&en->cc, "Cc: ") == -1)
+ if ((en->cc || option (OPTASKCC)) && edit_address (&en->cc, "Cc: ") == -1)
return (-1);
- if (option (OPTASKBCC) && edit_address (&en->bcc, "Bcc: ") == -1)
+ if ((en->bcc || option (OPTASKBCC)) && edit_address (&en->bcc, "Bcc: ") ==
-1)
return (-1);
if (en->subject)
Index: url.c
===================================================================
RCS file: /home/roessler/cvs/mutt/url.c,v
retrieving revision 3.9
diff -p -u -r3.9 url.c
--- url.c 17 Sep 2005 20:46:11 -0000 3.9
+++ url.c 13 Jul 2006 09:24:51 -0000
@@ -249,9 +249,16 @@ int url_parse_mailto (ENVELOPE *e, char
}
else
{
- taglen = strlen (tag);
+ const char *x_mailto="";
+
+ /* see RFC2368 security considerations */
+ if (ascii_strcasecmp (tag, "subject") &&
+ ascii_strcasecmp (tag, "cc") &&
+ ascii_strcasecmp (tag, "bcc"))
+ x_mailto="X-Mailto-";
+ taglen = strlen (tag) + strlen (x_mailto);
/* mutt_parse_rfc822_line makes some assumptions */
- snprintf (scratch, sizeof (scratch), "%s: %s", tag, value);
+ snprintf (scratch, sizeof (scratch), "%s%s: %s", x_mailto, tag, value);
scratch[taglen] = '\0';
value = &scratch[taglen+1];
SKIPWS (value);