
Re: RFC2368 security patch status (Re: CVE-2006-3242 and a new mutt release)



* Thu Jul 13 2006 TAKAHASHI Tamotsu <ttakah@xxxxxxxxxxxxxxxxx>
> * Wed Jul 12 2006 Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
> > > IIRC, Thomas prefers rfc2368sec.4:
> > > http://www.momonga-linux.org/~tamo/patch-1.5.9.tamo.rfc2368sec.4
> > > http://thread.gmane.org/gmane.mail.mutt.devel/7507/focus=7522
> > 
> > Looking at this, I guess I'd like to throw out the
> > OPTCONFIRMHEADERS part of it, and just stick to (a) prepending
> > the X-Mailto-URL-... (or maybe just X-Mailto) prefix, and (b)
> > overriding ask-cc and ask-bcc as the patch does.
> > 
> > Mind preparing a version that does this?
> 
> Well, quick diff is here. Not tested yet.

Okay, I've just come home. And a little better version is attached.

Note: Without OPTCONFIRMHEADERS, and when $edit_headers=no, you
are totally unaware of how your headers are modified by the mailto-URL.
I strongly recommend the OPTCONFIRMHEADERS feature. It forces you to
edit (or at least review) all your headers.

-- 
tamo
Index: send.c
===================================================================
RCS file: /home/roessler/cvs/mutt/send.c,v
retrieving revision 3.45
diff -p -u -r3.45 send.c
--- send.c      9 Jan 2006 19:43:59 -0000       3.45
+++ send.c      13 Jul 2006 13:21:21 -0000
@@ -220,9 +220,9 @@ static int edit_envelope (ENVELOPE *en)
 
   if (edit_address (&en->to, "To: ") == -1 || en->to == NULL)
     return (-1);
-  if (option (OPTASKCC) && edit_address (&en->cc, "Cc: ") == -1)
+  if ((en->cc || option (OPTASKCC)) && edit_address (&en->cc, "Cc: ") == -1)
     return (-1);
-  if (option (OPTASKBCC) && edit_address (&en->bcc, "Bcc: ") == -1)
+  if ((en->bcc || option (OPTASKBCC)) && edit_address (&en->bcc, "Bcc: ") == 
-1)
     return (-1);
 
   if (en->subject)
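Review bot: The new `en->cc ||` and `en->bcc ||` tests in edit_envelope fire whenever the list is non-empty, whatever filled it, so a user with OPTASKCC or OPTASKBCC unset is now prompted for every pre-populated Cc or Bcc, not only one taken from a mailto URL. If that is intended, add a comment here pointing at the RFC2368 security considerations, as the url.c hunk does; if not, gate the prompt on a flag that url_parse_mailto sets. Separately, the Bcc line is wrapped as it appears here, leaving `-1)` at the start of its own line where patch would read it as a removal, so the diff should be resent unwrapped.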
Index: url.c
===================================================================
RCS file: /home/roessler/cvs/mutt/url.c,v
retrieving revision 3.9
diff -p -u -r3.9 url.c
--- url.c       17 Sep 2005 20:46:11 -0000      3.9
+++ url.c       13 Jul 2006 13:21:21 -0000
@@ -213,6 +213,7 @@ int url_parse_mailto (ENVELOPE *e, char 
   char *headers;
   char *tag, *value;
   char scratch[HUGE_STRING];
+  const char *x_mailto;
 
   int taglen;
 
@@ -249,9 +250,16 @@ int url_parse_mailto (ENVELOPE *e, char 
     }
     else 
     {
-      taglen = strlen (tag);
+      /* see RFC2368 security considerations */
+      if (ascii_strcasecmp (tag, "subject") &&
+         ascii_strcasecmp (tag, "cc") &&
+         ascii_strcasecmp (tag, "bcc"))
+       x_mailto="X-Mailto-";
+      else
+       x_mailto="";
+      taglen = strlen (tag) + strlen (x_mailto);
       /* mutt_parse_rfc822_line makes some assumptions */
-      snprintf (scratch, sizeof (scratch), "%s: %s", tag, value);
+      snprintf (scratch, sizeof (scratch), "%s%s: %s", x_mailto, tag, value);
       scratch[taglen] = '\0';
       value = &scratch[taglen+1];
       SKIPWS (value);
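Review bot: `scratch[taglen] = '\0'` and `value = &scratch[taglen+1]` in url_parse_mailto index with the untruncated length `strlen (tag) + strlen (x_mailto)`, while snprintf limits what is actually written to sizeof (scratch). Nothing in these lines keeps a long tag taken from the URL from pushing taglen past the end of the buffer, and the prefix now adds nine more bytes to it. Check that taglen + 1 < sizeof (scratch) before indexing and skip the header otherwise. Minor style point: `x_mailto="X-Mailto-";` and `x_mailto="";` lack the spaces around `=` that the neighbouring `taglen = ...` assignment uses.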