- don't ignore $from in batch send mode (#392861)

- check Maildir for not being NULL when expanding '='-paths - prevent mailto parsing buffer overflow by ignoring too long header - use strtok_r() to parse mailto: links, not strtok() - update UPDATING
2007-11-23 11:46:26 +00:00 · 2007-11-23 11:46:26 +00:00 · 82ee7a6c14
commit 82ee7a6c14
parent cf430032a5
5 changed files with 255 additions and 1 deletions
--- a/mutt-1.5.17-batchsend.patch
+++ b/mutt-1.5.17-batchsend.patch
@ -0,0 +1,13 @@
+diff -up mutt-1.5.17/send.c.batchsend mutt-1.5.17/send.c
+--- mutt-1.5.17/send.c.batchsend	2007-07-26 21:43:39.000000000 +0200
+++ mutt-1.5.17/send.c	2007-11-23 12:26:28.000000000 +0100
+@@ -1212,7 +1212,8 @@ ci_send_message (int flags,		/* send mod
+   if (!msg->env->from && option (OPTUSEFROM) && !(flags & (SENDPOSTPONED|SENDRESEND)))
+   {
+     msg->env->from = mutt_default_from ();
+-    killfrom = 1;	/* $use_from will be re-checked after send-hooks */
+    if (!(flags & SENDBATCH))
+      killfrom = 1;	/* $use_from will be re-checked after send-hooks */
+   }
+ 
+   if (flags & SENDBATCH) 
--- a/mutt-1.5.17-maildirnull.patch
+++ b/mutt-1.5.17-maildirnull.patch
@ -0,0 +1,20 @@
+# HG changeset patch
+# User Rocco Rutte <pdmef@gmx.net>
+# Date 1194084739 -3600
+# Branch HEAD
+# Node ID 0c054faeb28595ef4a252c38319fa1f1f376b68e
+# Parent  cc5de08f46129c447901f7f79e571105eb0d81c1
+Check Maildir for not being NULL when expanding '='-paths. Closes #2977.
+
+diff -r cc5de08f4612 -r 0c054faeb285 muttlib.c
+--- a/muttlib.c	Fri Nov 02 16:55:55 2007 -0700
+++ b/muttlib.c	Sat Nov 03 11:12:19 2007 +0100
+@@ -397,7 +397,7 @@ char *_mutt_expand_path (char *s, size_t
+ 	  strfcpy (p, NONULL (Maildir), sizeof (p));
+ 	else
+ #endif
+-	if (Maildir[strlen (Maildir) - 1] == '/')
+	if (Maildir && *Maildir && Maildir[strlen (Maildir) - 1] == '/')
+ 	  strfcpy (p, NONULL (Maildir), sizeof (p));
+ 	else
+ 	  snprintf (p, sizeof (p), "%s/", NONULL (Maildir));
--- a/mutt-1.5.17-mailto.patch
+++ b/mutt-1.5.17-mailto.patch
@ -0,0 +1,113 @@
+# HG changeset patch
+# User Rocco Rutte <pdmef@gmx.net>
+# Date 1194196465 -3600
+# Branch HEAD
+# Node ID 6248b3c04f61fcbd447bed96030cb7a4887b69b6
+# Parent  2157b46eb93823e5c38136fe49c9b16c1475f27b
+Prevent mailto parsing buffer overflow by ignoring too long header.
+If they're longer than our buffer, we can't turn it into a header to
+be parsed by mutt_parse_rfc822_line() anyway, so we bail out in this
+case. Also make main() catchup mailto parsing errors. Closes #2980.
+
+diff -r 2157b46eb938 -r 6248b3c04f61 main.c
+--- a/main.c	Sun Nov 04 17:02:56 2007 +0100
+++ b/main.c	Sun Nov 04 18:14:25 2007 +0100
+@@ -829,7 +829,15 @@ int main (int argc, char **argv)
+       for (i = optind; i < argc; i++)
+       {
+ 	if (url_check_scheme (argv[i]) == U_MAILTO)
+-	  url_parse_mailto (msg->env, &bodytext, argv[i]);
+	{
+	  if (url_parse_mailto (msg->env, &bodytext, argv[i]) < 0)
+	  {
+	    if (!option (OPTNOCURSES))
+	      mutt_endwin (NULL);
+	    fputs (_("Failed to parse mailto: link\n"), stderr);
+	    exit (1);
+	  }
+	}
+ 	else
+ 	  msg->env->to = rfc822_parse_adrlist (msg->env->to, argv[i]);
+       }
+diff -r 2157b46eb938 -r 6248b3c04f61 url.c
+--- a/url.c	Sun Nov 04 17:02:56 2007 +0100
+++ b/url.c	Sun Nov 04 18:14:25 2007 +0100
+@@ -217,7 +217,7 @@ int url_parse_mailto (ENVELOPE *e, char 
+   char *tag, *value;
+   char scratch[HUGE_STRING];
+ 
+-  int taglen;
+  int taglen, rc = 0;
+ 
+   LIST *last = NULL;
+   
+@@ -250,19 +250,25 @@ int url_parse_mailto (ENVELOPE *e, char 
+       if (body)
+ 	mutt_str_replace (body, value);
+     }
+-    else 
+-    {
+-      taglen = strlen (tag);
+-      /* mutt_parse_rfc822_line makes some assumptions */
+    else if ((taglen = mutt_strlen (tag)) <= sizeof (scratch) - 2)
+    {
+      /* only try to parse if we can format it as header for
+       * mutt_parse_rfc822_line (tag fits in scratch) */
+       snprintf (scratch, sizeof (scratch), "%s: %s", tag, value);
+       scratch[taglen] = '\0';
+       value = &scratch[taglen+1];
+       SKIPWS (value);
+       mutt_parse_rfc822_line (e, NULL, scratch, value, 1, 0, 0, &last);
+     }
+-  }
+-  
+    else
+    {
+      rc = -1;
+      goto out;
+    }
+  }
+
+out:
+   FREE (&tmp);
+-  return 0;
+-}
+-
+  return rc;
+}
+
+# HG changeset patch
+# User cypher@conuropsis.org
+# Date 1194197244 -3600
+# Branch HEAD
+# Node ID ab676b9f0c040644f27c1fb862a7d67171c553c7
+# Parent  6248b3c04f61fcbd447bed96030cb7a4887b69b6
+Use strtok_r() to parse mailto: links, not strtok().
+In case a headers needs to call mutt_parse_references() which uses
+strtok(), too, later headers will be silently discarded. Closes #2968.
+
+diff -r 6248b3c04f61 -r ab676b9f0c04 url.c
+--- a/url.c	Sun Nov 04 18:14:25 2007 +0100
+++ b/url.c	Sun Nov 04 18:27:24 2007 +0100
+@@ -211,7 +211,7 @@ int url_ciss_tostring (ciss_url_t* ciss,
+ 
+ int url_parse_mailto (ENVELOPE *e, char **body, const char *src)
+ {
+-  char *t;
+  char *t, *p;
+   char *tmp;
+   char *headers;
+   char *tag, *value;
+@@ -233,9 +233,9 @@ int url_parse_mailto (ENVELOPE *e, char 
+   url_pct_decode (tmp);
+   e->to = rfc822_parse_adrlist (e->to, tmp);
+ 
+-  tag = headers ? strtok (headers, "&") : NULL;
+-  
+-  for (; tag; tag = strtok (NULL, "&"))
+  tag = headers ? strtok_r (headers, "&", &p) : NULL;
+  
+  for (; tag; tag = strtok_r (NULL, "&", &p))
+   {
+     if ((value = strchr (tag, '=')))
+       *value++ = '\0';
--- a/mutt-1.5.17-updating.patch
+++ b/mutt-1.5.17-updating.patch
@ -0,0 +1,93 @@
+# HG changeset patch
+# User Rocco Rutte <pdmef@gmx.net>
+# Date 1194192176 -3600
+# Branch HEAD
+# Node ID 2157b46eb93823e5c38136fe49c9b16c1475f27b
+# Parent  1416714ec4d1013f5572e49e480df8b9de2bdee0
+Add 1.5.17 to UPDATING
+
+diff -r 1416714ec4d1 -r 2157b46eb938 UPDATING
+--- a/UPDATING	Sun Nov 04 17:01:12 2007 +0100
+++ b/UPDATING	Sun Nov 04 17:02:56 2007 +0100
+@@ -3,6 +3,8 @@ mutt. Please read this file carefully wh
+ 
+ The keys used are:
+   !: modified feature, -: deleted feature, +: new feature
+
+1.5.17 (2007-11-01)
+ 
+   ! --enable-exact-address works again
+   + next-unread-mailbox
+# HG changeset patch
+# User Rocco Rutte <pdmef@gmx.net>
+# Date 1194199833 -3600
+# Branch HEAD
+# Node ID 02e8b9c7bdc61250c9546de1abc0cb296953274c
+# Parent  ab676b9f0c040644f27c1fb862a7d67171c553c7
+Fixup UPDATING for 1.5.16/1.5.17
+
+diff -r ab676b9f0c04 -r 02e8b9c7bdc6 UPDATING
+--- a/UPDATING	Sun Nov 04 18:27:24 2007 +0100
+++ b/UPDATING	Sun Nov 04 19:10:33 2007 +0100
+@@ -4,14 +4,18 @@ The keys used are:
+ The keys used are:
+   !: modified feature, -: deleted feature, +: new feature
+ 
+-1.5.17 (2007-11-01)
+1.5.17 (2007-11-01):
+ 
+   ! --enable-exact-address works again
+
+1.5.16 (2007-06-09):
+
+   + next-unread-mailbox
+   + $message_cache_clean (clean cache on sync)
+-  + %P expando for $pager_format
+  + $smtp_pass
+  ! $header_cache_compress defaults to yes
+ 
+-1.5.15 (2007-04-06)
+1.5.15 (2007-04-06):
+ 
+   - $imap_home_namespace (useless clutter)
+   + $check_mbox_size (use size change instead of atime for new mail)
+# HG changeset patch
+# User Rocco Rutte <pdmef@gmx.net>
+# Date 1195640183 -3600
+# Branch HEAD
+# Node ID 849daa6be9f56dc0e3505b9c7e9d18d1116a53cd
+# Parent  96f931ae0b2298134f5c3c1ac283d5bd6d7b287f
+Remove raw utf-8 char in UPDATING to make it ascii again
+
+diff -r 96f931ae0b22 -r 849daa6be9f5 UPDATING
+--- a/UPDATING	Tue Nov 20 19:46:52 2007 +0100
+++ b/UPDATING	Wed Nov 21 11:16:23 2007 +0100
+@@ -28,7 +28,7 @@ 1.5.15 (2007-04-06):
+   + $save_history, $history_file (save history across sessions)
+   + $smtp_url (ESMTP relay support)
+   + $crypt_use_pka (use GPGME PKA signature verification)
+-  ! format pipe support: format strings ending in | are filtered
+  ! format pipe support: format strings ending in | are filtered
+ 
+ 1.5.13 (2006-08-14):
+ 
+# HG changeset patch
+# User Rocco Rutte <pdmef@gmx.net>
+# Date 1195660074 -3600
+# Branch HEAD
+# Node ID 309ab3a63d915dd50921ec23d4f73e7b87985527
+# Parent  b8d811e5931eee623dfd5c040bade7ec9e1554a9
+Add UPDATING entry for $check_mbox_size
+
+diff -r b8d811e5931e -r 309ab3a63d91 UPDATING
+--- a/UPDATING	Wed Nov 21 14:46:43 2007 +0100
+++ b/UPDATING	Wed Nov 21 16:47:54 2007 +0100
+@@ -29,6 +29,8 @@ 1.5.15 (2007-04-06):
+   + $smtp_url (ESMTP relay support)
+   + $crypt_use_pka (use GPGME PKA signature verification)
+   ! format pipe support: format strings ending in | are filtered
+  ! buffy size is configurable at runtime (no --enable-buffy-size
+    configure option, new $check_mbox_size variable)
+ 
+ 1.5.13 (2006-08-14):
+ 
--- a/mutt.spec
+++ b/mutt.spec
@ -1,7 +1,7 @@
 Summary: A text mode mail user agent
 Name: mutt
 Version: 1.5.17
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 5
 # The entire source code is GPLv2+ except
 # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain
@ -12,6 +12,10 @@ Source1: mutt_ldap_query
 Patch2: mutt-1.5.13-nodotlock.patch
 Patch3: mutt-1.5.16-muttrc.patch
 Patch4: mutt-1.5.17-manual.patch
+Patch5: mutt-1.5.17-maildirnull.patch
+Patch6: mutt-1.5.17-updating.patch
+Patch7: mutt-1.5.17-mailto.patch
+Patch8: mutt-1.5.17-batchsend.patch
 Url: http://www.mutt.org/
 Requires: mailcap urlview
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -34,6 +38,10 @@ for selecting groups of messages.
 %patch2 -p1 -b .nodl
 %patch3 -p1 -b .muttrc
 %patch4 -p1 -b .manual
+%patch5 -p1 -b .maildirnull
+%patch6 -p1 -b .updating
+%patch7 -p1 -b .mailto
+%patch8 -p1 -b .batchsend

 install -p -m644 %{SOURCE1} mutt_ldap_query

@ -97,6 +105,13 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man5/muttrc.*

 %changelog
+* Fri Nov 23 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.17-2
+- don't ignore $from in batch send mode (#392861)
+- check Maildir for not being NULL when expanding '='-paths
+- prevent mailto parsing buffer overflow by ignoring too long header
+- use strtok_r() to parse mailto: links, not strtok()
+- update UPDATING
+
 * Fri Nov 02 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.17-1
 - update to 1.5.17