Skip to content

Commit

Permalink
carddav_db.c: don't leak X-prop values when writing vCard
Browse files Browse the repository at this point in the history
  • Loading branch information
@ksmurchison
ksmurchison committed Dec 4, 2023
1 parent 466af13 commit e13a692
Showing 1 changed file with 11 additions and 8 deletions.
19 changes: 11 additions & 8 deletions imap/carddav_db.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1160,16 +1160,19 @@ EXPORTED int carddav_writecard(struct carddav_db *carddavdb,
}
else if (!strcasecmp(name, "member") ||
!strcasecmp(name, "x-addressbookserver-member")) {
if (strncmp(propval, "urn:uuid:", 9)) continue;
strarray_append(&member_uids, propval+9);
strarray_append(&member_uids, "");
if (!strncmp(propval, "urn:uuid:", 9)) {
strarray_append(&member_uids, propval+9);
strarray_append(&member_uids, "");
}
}
else if (!strcasecmp(name, "x-fm-otheraccount-member")) {
if (strncmp(propval, "urn:uuid:", 9)) continue;
struct vparse_param *param = vparse_get_param(ventry, "userid");
if (!param) continue;
strarray_append(&member_uids, propval+9);
strarray_append(&member_uids, param->value);
if (!strncmp(propval, "urn:uuid:", 9)) {
struct vparse_param *param = vparse_get_param(ventry, "userid");
if (param) {
strarray_append(&member_uids, propval+9);
strarray_append(&member_uids, param->value);
}
}
}
else if (!strcasecmp(name, "kind") ||
!strcasecmp(name, "x-addressbookserver-kind")) {
Expand Down

0 comments on commit e13a692

Please sign in to comment.