areguera / rpms / mailman

Forked from rpms/mailman 5 years ago
Clone

Blame SOURCES/mailman-long_text_description.patch

7812c9
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
7812c9
index 7cd7f9b..aebc1c9 100644
7812c9
--- a/Mailman/Utils.py
7812c9
+++ b/Mailman/Utils.py
7812c9
@@ -259,10 +259,25 @@ CRNLpat = re.compile(r'[^\x21-\x7e]')
7812c9
 def GetPathPieces(envar='PATH_INFO'):
7812c9
     path = os.environ.get(envar)
7812c9
     if path:
7812c9
+        remote = os.environ.get('HTTP_FORWARDED_FOR',
7812c9
+                 os.environ.get('HTTP_X_FORWARDED_FOR',
7812c9
+                 os.environ.get('REMOTE_ADDR',
7812c9
+                                'unidentified origin')))
7812c9
         if CRNLpat.search(path):
7812c9
             path = CRNLpat.split(path)[0]
7812c9
             syslog('error', 'Warning: Possible malformed path attack.')
7812c9
-        return [p for p in path.split('/') if p]
7812c9
+        # Check for listname injections that won't be websafed.
7812c9
+        pieces = [p for p in path.split('/') if p]
7812c9
+        # Get the longest listname or 20 if none.
7812c9
+        if list_names():
7812c9
+            longest = max([len(x) for x in list_names()])
7812c9
+        else:
7812c9
+            longest = 20
7812c9
+        if pieces and len(pieces[0]) > longest:
7812c9
+            syslog('mischief',
7812c9
+               'Hostile listname: listname=%s: remote=%s', pieces[0], remote)
7812c9
+            pieces[0] = pieces[0][:longest] + '...'
7812c9
+        return pieces
7812c9
     return None
7812c9
 
7812c9