From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001 From: Aleksander Machniak <alec@alec.pl> Date: Tue, 22 Oct 2013 08:17:26 -0400 Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382) --- program/lib/Roundcube/rcube_user.php | 26 +++++++++++++++++++------- 1 files changed, 19 insertions(+), 7 deletions(-) diff --git a/program/lib/Roundcube/rcube_user.php b/program/lib/Roundcube/rcube_user.php index 7bd73e0..505b190 100644 --- a/program/lib/Roundcube/rcube_user.php +++ b/program/lib/Roundcube/rcube_user.php @@ -2,8 +2,6 @@ /* +-----------------------------------------------------------------------+ - | program/include/rcube_user.inc | - | | | This file is part of the Roundcube Webmail client | | Copyright (C) 2005-2012, The Roundcube Dev Team | | | @@ -14,13 +12,11 @@ | PURPOSE: | | This class represents a system user linked and provides access | | to the related database records. | - | | +-----------------------------------------------------------------------+ | Author: Thomas Bruederli <roundcube@gmail.com> | | Author: Aleksander Machniak <alec@alec.pl> | +-----------------------------------------------------------------------+ */ - /** * Class representing a system user @@ -86,12 +82,17 @@ /** * Build a user name string (as e-mail address) * - * @param string $part Username part (empty or 'local' or 'domain') + * @param string $part Username part (empty or 'local' or 'domain', 'mail') * @return string Full user name or its part */ function get_username($part = null) { if ($this->data['username']) { + // return real name + if (!$part) { + return $this->data['username']; + } + list($local, $domain) = explode('@', $this->data['username']); // at least we should always have the local part @@ -235,10 +236,12 @@ /** * Return a list of all identities linked with this user * - * @param string $sql_add Optional WHERE clauses + * @param string $sql_add Optional WHERE clauses + * @param bool $formatted Format identity email and name + * * @return array List of identities */ - function list_identities($sql_add = '') + function list_identities($sql_add = '', $formatted = false) { $result = array(); @@ -250,6 +253,15 @@ $this->ID); while ($sql_arr = $this->db->fetch_assoc($sql_result)) { + if ($formatted) { + $ascii_email = format_email($sql_arr['email']); + $utf8_email = format_email(rcube_utils::idn_to_utf8($ascii_email)); + + $sql_arr['email_ascii'] = $ascii_email; + $sql_arr['email'] = $utf8_email; + $sql_arr['ident'] = format_email_recipient($ascii_email, $sql_arr['name']); + } + $result[] = $sql_arr; } -- Gitblit v1.9.1