From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
---
plugins/vcard_attachments/vcard_attachments.php | 19 ++++++++++++-------
1 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/plugins/vcard_attachments/vcard_attachments.php b/plugins/vcard_attachments/vcard_attachments.php
index 1400cd5..e7f7d5f 100644
--- a/plugins/vcard_attachments/vcard_attachments.php
+++ b/plugins/vcard_attachments/vcard_attachments.php
@@ -69,19 +69,24 @@
$vcards = rcube_vcard::import($this->message->get_part_content($part, null, true));
// successfully parsed vcards?
- if (empty($vcards))
+ if (empty($vcards)) {
continue;
+ }
// remove part's body
- if (in_array($part, $this->vcard_bodies))
+ if (in_array($part, $this->vcard_bodies)) {
$p['content'] = '';
+ }
foreach ($vcards as $idx => $vcard) {
- $display = $vcard->displayname;
- if ($vcard->email[0])
- $display .= ' <'.$vcard->email[0].'>';
+ // skip invalid vCards
+ if (empty($vcard->email) || empty($vcard->email[0])) {
+ continue;
+ }
- // add box below messsage body
+ $display = $vcard->displayname . ' <'.$vcard->email[0].'>';
+
+ // add box below message body
$p['content'] .= html::p(array('class' => 'vcardattachment'),
html::a(array(
'href' => "#",
@@ -108,7 +113,7 @@
*/
function save_vcard()
{
- $this->add_texts('localization', true);
+ $this->add_texts('localization', true);
$uid = get_input_value('_uid', RCUBE_INPUT_POST);
$mbox = get_input_value('_mbox', RCUBE_INPUT_POST);
--
Gitblit v1.9.1