diff options
| author | Eli Zaretskii | 2022-12-19 19:01:04 +0200 |
|---|---|---|
| committer | Eli Zaretskii | 2022-12-19 12:49:59 -0500 |
| commit | ae9bfed50dbf5043c0b47f20473ef43d8aeebebd (patch) | |
| tree | 562cfe6219fd8d34890b6f3aef62abd7de3d5523 | |
| parent | 0636e1066bbafcd8219d9a8e09301c77f875d78b (diff) | |
| download | emacs-ae9bfed50dbf5043c0b47f20473ef43d8aeebebd.tar.gz emacs-ae9bfed50dbf5043c0b47f20473ef43d8aeebebd.zip | |
Fix storing email into nnmail by Gnus
Backporting suggested by Florian Weimer, since this is
a denial-of-service issue.
* lisp/gnus/nnml.el (nnml--encode-headers): Wrap
'rfc2047-encode-string' calls with 'ignore-errors', to avoid
disrupting email workflows due to possibly-invalid headers.
Reported by Florian Weimer <fweimer@redhat.com>.
(cherry picked from commit 23f7c9c2a92e4619b7c4d2286d4249f812cd695d)
| -rw-r--r-- | lisp/gnus/nnml.el | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/lisp/gnus/nnml.el b/lisp/gnus/nnml.el index afdb0c780a5..258c5efc79f 100644 --- a/lisp/gnus/nnml.el +++ b/lisp/gnus/nnml.el | |||
| @@ -775,17 +775,22 @@ article number. This function is called narrowed to an article." | |||
| 775 | (nnml--encode-headers headers) | 775 | (nnml--encode-headers headers) |
| 776 | headers)))) | 776 | headers)))) |
| 777 | 777 | ||
| 778 | ;; RFC2047-encode Subject and From, but leave invalid headers unencoded. | ||
| 778 | (defun nnml--encode-headers (headers) | 779 | (defun nnml--encode-headers (headers) |
| 779 | (let ((subject (mail-header-subject headers)) | 780 | (let ((subject (mail-header-subject headers)) |
| 780 | (rfc2047-encoding-type 'mime)) | 781 | (rfc2047-encoding-type 'mime)) |
| 781 | (unless (string-match "\\`[[:ascii:]]*\\'" subject) | 782 | (unless (string-match "\\`[[:ascii:]]*\\'" subject) |
| 782 | (setf (mail-header-subject headers) | 783 | (let ((encoded-subject |
| 783 | (mail-encode-encoded-word-string subject t)))) | 784 | (ignore-errors (mail-encode-encoded-word-string subject t)))) |
| 785 | (if encoded-subject | ||
| 786 | (setf (mail-header-subject headers) encoded-subject))))) | ||
| 784 | (let ((from (mail-header-from headers)) | 787 | (let ((from (mail-header-from headers)) |
| 785 | (rfc2047-encoding-type 'address-mime)) | 788 | (rfc2047-encoding-type 'address-mime)) |
| 786 | (unless (string-match "\\`[[:ascii:]]*\\'" from) | 789 | (unless (string-match "\\`[[:ascii:]]*\\'" from) |
| 787 | (setf (mail-header-from headers) | 790 | (let ((encoded-from |
| 788 | (rfc2047-encode-string from t))))) | 791 | (ignore-errors (rfc2047-encode-string from t)))) |
| 792 | (if encoded-from | ||
| 793 | (setf (mail-header-from headers) encoded-from)))))) | ||
| 789 | 794 | ||
| 790 | (defun nnml-get-nov-buffer (group &optional incrementalp) | 795 | (defun nnml-get-nov-buffer (group &optional incrementalp) |
| 791 | (let ((buffer (gnus-get-buffer-create | 796 | (let ((buffer (gnus-get-buffer-create |