From d6284b4d22d1e6912b01228b7d2a63e9fecbc5fb Mon Sep 17 00:00:00 2001
From: till <till@php.net>
Date: Wed, 02 Nov 2011 11:13:42 -0400
Subject: [PATCH] check-in 3.4.6 (without moxieplayer due to a content-spoofing vulnerability)

---
 program/include/rcube_message.php |    9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/program/include/rcube_message.php b/program/include/rcube_message.php
index 2ec386c..0ecd86c 100644
--- a/program/include/rcube_message.php
+++ b/program/include/rcube_message.php
@@ -48,7 +48,6 @@
 
     public $uid = null;
     public $headers;
-    public $structure;
     public $parts = array();
     public $mime_parts = array();
     public $attachments = array();
@@ -299,8 +298,10 @@
             $structure->type = 'content';
             $this->parts[] = &$structure;
         }
-        // message contains alternative parts
-        else if ($mimetype == 'multipart/alternative' && is_array($structure->parts)) {
+        // message contains (more than one!) alternative parts
+        else if ($mimetype == 'multipart/alternative'
+            && is_array($structure->parts) && count($structure->parts) > 1
+        ) {
             // get html/plaintext parts
             $plain_part = $html_part = $print_part = $related_part = null;
 
@@ -373,6 +374,8 @@
             $p->ctype_secondary = 'plain';
             $p->body            = rcube_label('encryptedmessage');
             $p->size            = strlen($p->body);
+
+            $this->parts[] = $p;
         }
         // message contains multiple parts
         else if (is_array($structure->parts) && !empty($structure->parts)) {

--
Gitblit v1.9.1