Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-01 20:36:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: Correctly sanitize input everywhere (#5697)

Browse Source 
Best reviewed commit-by-commit; the commit messages explain what is
done.
This commit is contained in:
Hocuri
2024-06-28 14:36:09 +02:00
committed by GitHub
parent 4ed9c04e9b
commit ac198b17bf
11 changed files with 226 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/mimeparser.rs
View File

@@ -6,7 +6,7 @@ use std::path::Path;
use std::str;
use anyhow::{bail, Context as _, Result};
use deltachat_contact_tools::{addr_cmp, addr_normalize, strip_rtlo_characters};
use deltachat_contact_tools::{addr_cmp, addr_normalize, sanitize_bidi_characters};
use deltachat_derive::{FromSql, ToSql};
use format_flowed::unformat_flowed;
use lettre_email::mime::Mime;
@@ -2048,7 +2048,7 @@ fn get_attachment_filename(
};
}
let desired_filename = desired_filename.map(|filename| strip_rtlo_characters(&filename));
let desired_filename = desired_filename.map(|filename| sanitize_bidi_characters(&filename));
Ok(desired_filename)
}