[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: kdepim/kmail
From: Marc Mutz <mutz () kde ! org>
Date: 2005-04-07 9:06:34
Message-ID: 20050407090634.3EAB6487 () office ! kde ! org
[Download RAW message or body]
CVS commit by mutz:
from proko2: Fix input sanitation bug. This doesn't look exploitable, since the \
string comes from the attachment properties dialog, but fixing nevertheless :)
M +1 -1 kmmsgpartdlg.cpp 1.62
--- kdepim/kmail/kmmsgpartdlg.cpp #1.61:1.62
@@ -400,5 +400,5 @@ void KMMsgPartDialogCompat::applyChanges
cDisp += "*=" + encName;
else
- cDisp += "=\"" + encName + '"';
+ cDisp += "=\"" + encName.replace( '\\', "\\\\" ).replace( '"', "\\\"" ) + '"';
mMsgPart->setContentDisposition( cDisp );
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic