From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/steps/addressbook/edit.inc |   16 +++++++---------
 1 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/program/steps/addressbook/edit.inc b/program/steps/addressbook/edit.inc
index b216a7c..7ddd3e5 100644
--- a/program/steps/addressbook/edit.inc
+++ b/program/steps/addressbook/edit.inc
@@ -43,16 +43,14 @@
 else {
     $source = get_input_value('_source', RCUBE_INPUT_GPC);
 
-    if (!strlen($source)) {
-        // Give priority to configured default
-        $source = $RCMAIL->config->get('default_addressbook');
+    if (strlen($source)) {
+        $CONTACTS = $RCMAIL->get_address_book($source, true);
     }
 
-    $CONTACTS = $RCMAIL->get_address_book($source, true);
-
-    // find writable addressbook
-    if (!$CONTACTS || $CONTACTS->readonly)
-        $source = rcmail_default_source(true);
+    if (!$CONTACTS || $CONTACTS->readonly) {
+        $CONTACTS = $RCMAIL->get_address_book(-1, true);
+        $source   = $RCMAIL->get_address_book_id($CONTACTS);
+    }
 
     // Initialize addressbook
     $CONTACTS = rcmail_contact_source($source, true);
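Review bot: `$CONTACTS` is now assigned only inside `if (strlen($source))`, so a request without `_source` reaches the `!$CONTACTS` test with a variable this branch never set. If code before the `else` (outside this hunk) left a value in it, the fallback to a writable address book would be skipped for that request. Initialise it explicitly with `$CONTACTS = null;` directly after the `get_input_value()` line. The fallback also assumes `get_address_book(-1, true)` returns an object: when no writable book is available, `get_address_book_id($CONTACTS)` receives an empty value and the resulting `$source` goes straight into `rcmail_contact_source()`. A guard on `!$CONTACTS` before that call looks warranted, depending on how `rcmail_contact_source()` treats an empty id.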
@@ -239,7 +237,7 @@
 {
     global $RCMAIL, $SOURCE_ID;
 
-    $sources_list = $RCMAIL->get_address_sources(true);
+    $sources_list = $RCMAIL->get_address_sources(true, true);
 
     if (count($sources_list) < 2) {
         $source = $sources_list[$SOURCE_ID];
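Review bot: The lookup `$sources_list[$SOURCE_ID]` in the `count($sources_list) < 2` branch is unguarded, and the added second argument to `get_address_sources()` presumably narrows the returned list. If so, the list can now be empty or lack the `$SOURCE_ID` key more often than before, leaving `$source` undefined for whatever follows. Consider `$source = isset($sources_list[$SOURCE_ID]) ? $sources_list[$SOURCE_ID] : null;` with the null case handled explicitly. The two bare `true` arguments are also opaque at the call site, so a short comment naming what each flag selects would help the next reader. The function's signature and the rest of its body are outside this hunk, so how `$source` is consumed afterwards should be confirmed there.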

--
Gitblit v1.9.1