diff options
author | Sergey Poznyakoff <gray@gnu.org> | 2019-01-18 14:45:26 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org> | 2019-01-18 14:45:26 +0200 |
commit | 99b6b6f02c3cf94ebe1daf7233a702c743d6a2b5 (patch) | |
tree | 8ab5ed89589484a0cb21996083840a73268fd83c | |
parent | 7364ca04534543f61523107b7425239ff22c43b9 (diff) | |
download | mailutils-99b6b6f02c3cf94ebe1daf7233a702c743d6a2b5.tar.gz mailutils-99b6b6f02c3cf94ebe1daf7233a702c743d6a2b5.tar.bz2 |
Don't reveal file name with the '0 messages' summary message
Rationale: file name can contain password.
* mail/mail.c (main): Make sure file is always allocated. Fill it
with 0's and free when no longer needed. Use mail_summary to display
the summary for empty mailbox.
-rw-r--r-- | mail/mail.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/mail/mail.c b/mail/mail.c index 32bef66fe..f5d1689ca 100644 --- a/mail/mail.c +++ b/mail/mail.c @@ -520,12 +520,12 @@ main (int argc, char **argv) mu_error (_("-f requires at most one command line argument")); exit (1); } - file = argv[0]; + file = mu_strdup (argv[0]); } else if (user) mu_asprintf (&file, "~/%s/mbox", user); else - file = "~/mbox"; + file = mu_strdup ("~/mbox"); } else if (argc || (hint & HINT_SEND_MODE)) util_cache_command (&command_list, "setq mode=send"); @@ -595,6 +595,16 @@ main (int argc, char **argv) exit (EXIT_FAILURE); } + if (file) + { + /* Destroy the content of file prior to freeing it: it can contain + password, although such usage is discouraged */ + memset (file, 0, strlen (file)); + free (file); + /* Note: the *value* of this variable will be used later to determine + what kind of message to display if the mailbox is empty */ + } + if ((rc = mu_mailbox_open (mbox, MU_STREAM_RDWR|MU_STREAM_CREAT)) != 0) { mu_url_t url = NULL; @@ -637,8 +647,8 @@ main (int argc, char **argv) if (total == 0 && (strcmp (mode, "read") || !mailvar_is_true ("emptystart"))) { - if (file) - mu_printf (_("%s: 0 messages\n"), file); + if (file) /* See the comment above */ + mail_summary (0, NULL); else mu_printf (_("No mail for %s\n"), user ? user : mail_whoami ()); return 1; |