Sanitize incoming attachment mime type

5 years ago · e3aa66d844
parent df7b74c456
commit e3aa66d844
2 changed files with 29 additions and 9 deletions
--- a/app/src/main/java/eu/faircode/email/FragmentCompose.java
+++ b/app/src/main/java/eu/faircode/email/FragmentCompose.java
@ -70,7 +70,6 @@ import android.view.MotionEvent;
 import android.view.View;
 import android.view.ViewGroup;
 import android.view.inputmethod.InputMethodManager;
 import android.webkit.MimeTypeMap;
 import android.widget.AdapterView;
 import android.widget.ArrayAdapter;
 import android.widget.CheckBox;
@ -135,8 +134,10 @@ import javax.mail.MessageRemovedException;
 import javax.mail.Part;
 import javax.mail.Session;
 import javax.mail.internet.AddressException;
 import javax.mail.internet.ContentType;
 import javax.mail.internet.InternetAddress;
 import javax.mail.internet.MimeMessage;
 import javax.mail.internet.ParseException;
 import static android.app.Activity.RESULT_CANCELED;
 import static android.app.Activity.RESULT_OK;
@ -1927,17 +1928,21 @@ public class FragmentCompose extends FragmentBase {
            Log.e(ex);
        }
        // Check name
        if (TextUtils.isEmpty(fname))
            fname = uri.getLastPathSegment();
-        if (TextUtils.isEmpty(ftype)) {
+        // Check type
-            String extension = Helper.getExtension(fname);
+        if (!TextUtils.isEmpty(ftype))
-            if (extension != null)
+            try {
-                ftype = MimeTypeMap.getSingleton()
+                new ContentType(ftype);
-                        .getMimeTypeFromExtension(extension.toLowerCase(Locale.ROOT));
+            } catch (ParseException ex) {
-            if (ftype == null)
+                Log.w(ex);
-                ftype = "application/octet-stream";
+                ftype = null;
-        }
+            }
        if (TextUtils.isEmpty(ftype))
            ftype = Helper.guessMimeType(fname);
        if (fsize != null && fsize <= 0)
            fsize = null;
--- a/app/src/main/java/eu/faircode/email/Helper.java
+++ b/app/src/main/java/eu/faircode/email/Helper.java
@ -52,6 +52,7 @@ import android.view.View;
 import android.view.ViewGroup;
 import android.view.WindowManager;
 import android.view.inputmethod.EditorInfo;
 import android.webkit.MimeTypeMap;
 import android.webkit.WebView;
 import android.widget.Button;
 import android.widget.CheckBox;
@ -647,6 +648,20 @@ public class Helper {
        return filename.substring(index + 1);
    }
    static String guessMimeType(String filename) {
        String type = null;
        String extension = Helper.getExtension(filename);
        if (extension != null)
            type = MimeTypeMap.getSingleton()
                    .getMimeTypeFromExtension(extension.toLowerCase(Locale.ROOT));
        if (TextUtils.isEmpty(type))
            type = "application/octet-stream";
        return type;
    }
    static void writeText(File file, String content) throws IOException {
        try (FileOutputStream out = new FileOutputStream(file)) {
            if (content != null)