|
Matthew Barnes |
b1284d |
diff -up evolution-2.12.3/mail/em-format.c.CVE-2008-0072 evolution-2.12.3/mail/em-format.c
|
|
Matthew Barnes |
b1284d |
--- evolution-2.12.3/mail/em-format.c.CVE-2008-0072 2007-10-12 02:56:01.000000000 -0400
|
|
Matthew Barnes |
b1284d |
+++ evolution-2.12.3/mail/em-format.c 2008-03-04 15:59:30.000000000 -0500
|
|
Matthew Barnes |
b1284d |
@@ -1193,7 +1193,7 @@ emf_application_xpkcs7mime(EMFormat *emf
|
|
Matthew Barnes |
b1284d |
opart = camel_mime_part_new();
|
|
Matthew Barnes |
b1284d |
valid = camel_cipher_decrypt(context, part, opart, ex);
|
|
Matthew Barnes |
b1284d |
if (valid == NULL) {
|
|
Matthew Barnes |
b1284d |
- em_format_format_error(emf, stream, ex->desc?ex->desc:_("Could not parse S/MIME message: Unknown error"));
|
|
Matthew Barnes |
b1284d |
+ em_format_format_error(emf, stream, "%s", ex->desc?ex->desc:_("Could not parse S/MIME message: Unknown error"));
|
|
Matthew Barnes |
b1284d |
em_format_part_as(emf, stream, part, NULL);
|
|
Matthew Barnes |
b1284d |
} else {
|
|
Matthew Barnes |
b1284d |
if (emfc == NULL)
|
|
Matthew Barnes |
b1284d |
@@ -1350,7 +1350,7 @@ emf_multipart_encrypted(EMFormat *emf, C
|
|
Matthew Barnes |
b1284d |
if (valid == NULL) {
|
|
Matthew Barnes |
b1284d |
em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP/MIME message"):_("Could not parse PGP/MIME message: Unknown error"));
|
|
Matthew Barnes |
b1284d |
if (ex->desc)
|
|
Matthew Barnes |
b1284d |
- em_format_format_error(emf, stream, ex->desc);
|
|
Matthew Barnes |
b1284d |
+ em_format_format_error(emf, stream, "%s", ex->desc);
|
|
Matthew Barnes |
b1284d |
em_format_part_as(emf, stream, part, "multipart/mixed");
|
|
Matthew Barnes |
b1284d |
} else {
|
|
Matthew Barnes |
b1284d |
if (emfc == NULL)
|
|
Matthew Barnes |
b1284d |
@@ -1515,7 +1515,7 @@ emf_multipart_signed(EMFormat *emf, Came
|
|
Matthew Barnes |
b1284d |
if (valid == NULL) {
|
|
Matthew Barnes |
b1284d |
em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
|
|
Matthew Barnes |
b1284d |
if (ex->desc)
|
|
Matthew Barnes |
b1284d |
- em_format_format_error(emf, stream, ex->desc);
|
|
Matthew Barnes |
b1284d |
+ em_format_format_error(emf, stream, "%s", ex->desc);
|
|
Matthew Barnes |
b1284d |
em_format_part_as(emf, stream, part, "multipart/mixed");
|
|
Matthew Barnes |
b1284d |
} else {
|
|
Matthew Barnes |
b1284d |
if (emfc == NULL)
|
|
Matthew Barnes |
b1284d |
@@ -1586,7 +1586,7 @@ emf_inlinepgp_signed(EMFormat *emf, Came
|
|
Matthew Barnes |
b1284d |
if (!valid) {
|
|
Matthew Barnes |
b1284d |
em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
|
|
Matthew Barnes |
b1284d |
if (ex->desc)
|
|
Matthew Barnes |
b1284d |
- em_format_format_error(emf, stream, ex->desc);
|
|
Matthew Barnes |
b1284d |
+ em_format_format_error(emf, stream, "%s", ex->desc);
|
|
Matthew Barnes |
b1284d |
em_format_format_source(emf, stream, ipart);
|
|
Matthew Barnes |
b1284d |
/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
|
|
Matthew Barnes |
b1284d |
camel_exception_free(ex);
|
|
Matthew Barnes |
b1284d |
@@ -1657,7 +1657,7 @@ emf_inlinepgp_encrypted(EMFormat *emf, C
|
|
Matthew Barnes |
b1284d |
if (!valid) {
|
|
Matthew Barnes |
b1284d |
em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP message"):_("Could not parse PGP message: Unknown error"));
|
|
Matthew Barnes |
b1284d |
if (ex->desc)
|
|
Matthew Barnes |
b1284d |
- em_format_format_error(emf, stream, ex->desc);
|
|
Matthew Barnes |
b1284d |
+ em_format_format_error(emf, stream, "%s", ex->desc);
|
|
Matthew Barnes |
b1284d |
em_format_format_source(emf, stream, ipart);
|
|
Matthew Barnes |
b1284d |
/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
|
|
Matthew Barnes |
b1284d |
camel_exception_free(ex);
|