From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
---
 program/steps/mail/search.inc | 7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/program/steps/mail/search.inc b/program/steps/mail/search.inc
index f9b8f9e..fb1b487 100644
--- a/program/steps/mail/search.inc
+++ b/program/steps/mail/search.inc
@@ -69,7 +69,7 @@
 else if (preg_match("/^body:.*/i", $str))
 {
 list(,$srch) = explode(":", $str);
- $subject['text'] = "TEXT";
+ $subject['body'] = "BODY";
 }
 else if (strlen(trim($str)))
 {
@@ -81,7 +81,7 @@
 break;
 }
 else {
- $subject[$header] = 'HEADER '.strtoupper($header);
+ $subject[$header] = ($header != 'body' ? 'HEADER ' : '') . strtoupper($header);
 }
 }
@@ -89,7 +89,8 @@
 $search_mods = $RCMAIL->config->get('search_mods', $SEARCH_MODS_DEFAULT);
 $search_mods[$mbox] = array_fill_keys(array_keys($subject), 1);
 $RCMAIL->user->save_prefs(array('search_mods' => $search_mods));
- } else {
+ }
+ else {
 // search in subject by default
 $subject['subject'] = 'HEADER SUBJECT';
 }
-- 
Gitblit v1.9.1
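Review bot: In the second hunk the new test `$header != 'body'` is a loose, case-sensitive comparison, yet the same expression upper-cases `$header`, so a key spelled `Body` would still get the `HEADER ` prefix. Where `$header` is populated lies outside the hunk; if it can originate from the request, normalise it once and compare strictly, e.g. `$subject[$header] = (strtolower($header) !== 'body' ? 'HEADER ' : '') . strtoupper($header);`. The value is concatenated straight into the search criterion and the keys of `$subject` are persisted through `save_prefs()` in the third hunk, so presumably an allow-list of header names is applied earlier, which should be confirmed. The subject line names the `_session` argument of utils/save-prefs, but the only file in this patch is search.inc and none of its hunks touch that argument, so the fix it describes is not visible here. The enclosing loop starts and ends outside the hunk.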