MimeUtility.fold ensures that line separators are always followed by whitespace

bshannon · bshannon · commit ef7e54144d3d · 2016-07-12T15:31:07.000-07:00
and InternetAddress.toString(Address[],int) now uses MimeUtility.fold - bug 7529
diff --git a/doc/release/CHANGES.txt b/doc/release/CHANGES.txt
@@ -35,6 +35,7 @@ K  7472	Store finalizers should not talk to server
 K  7506	MailHandler verify should load additional content handlers
 K  7512	NullPointerException if SASL is enabled on Android
 K  7513	write timeouts don't work with SSL on Android
+K  7529	JavaMail allows injection of unwanted headers
 
 
 		  CHANGES IN THE 1.5.5 RELEASE
diff --git a/mail/src/main/java/javax/mail/internet/InternetAddress.java b/mail/src/main/java/javax/mail/internet/InternetAddress.java
@@ -459,17 +459,22 @@ public static String toString(Address[] addresses, int used) {
 	if (addresses == null || addresses.length == 0)
 	    return null;
 
-	StringBuffer sb = new StringBuffer();
+	StringBuilder sb = new StringBuilder();
 
 	for (int i = 0; i < addresses.length; i++) {
 	    if (i != 0) { // need to append comma
 		sb.append(", ");
 		used += 2;
 	    }
 
-	    String s = addresses[i].toString();
+	    // prefer not to split a single address across lines so used=0 below
+	    String s = MimeUtility.fold(0, addresses[i].toString());
 	    int len = lengthOfFirstSegment(s); // length till CRLF
 	    if (used + len > 76) { // overflows ...
+		// smash trailing space from ", " above
+		int curlen = sb.length();
+		if (curlen > 0 && sb.charAt(curlen - 1) == ' ')
+		    sb.setLength(curlen - 1);
 		sb.append("\r\n\t"); // .. start new continuation line
 		used = 8; // account for the starting <tab> char
 	    }
@@ -480,7 +485,8 @@ public static String toString(Address[] addresses, int used) {
 	return sb.toString();
     }
 
-    /* Return the length of the first segment within this string.
+    /*
+     * Return the length of the first segment within this string.
      * If no segments exist, the length of the whole line is returned.
      */
     private static int lengthOfFirstSegment(String s) {
diff --git a/mail/src/main/java/javax/mail/internet/MimeUtility.java b/mail/src/main/java/javax/mail/internet/MimeUtility.java
@@ -1070,10 +1070,10 @@ public static String fold(int used, String s) {
 
 	// if the string fits now, just return it
 	if (used + s.length() <= 76)
-	    return s;
+	    return makesafe(s);
 
 	// have to actually fold the string
-	StringBuffer sb = new StringBuffer(s.length() + 4);
+	StringBuilder sb = new StringBuilder(s.length() + 4);
 	char lastc = 0;
 	while (used + s.length() > 76) {
 	    int lastspace = -1;
@@ -1101,6 +1101,46 @@ public static String fold(int used, String s) {
 	    used = 1;
 	}
 	sb.append(s);
+	return makesafe(sb);
+    }
+
+    /**
+     * If the String or StringBuilder has any embedded newlines,
+     * make sure they're followed by whitespace, to prevent header
+     * injection errors.
+     */
+    private static String makesafe(CharSequence s) {
+	int i;
+	for (i = 0; i < s.length(); i++) {
+	    char c = s.charAt(i);
+	    if (c == '\r' || c == '\n')
+		break;
+	}
+	if (i == s.length())	// went through whole string with no CR or LF
+	    return s.toString();
+
+	// read the lines in the string and reassemble them,
+	// eliminating blank lines and inserting whitespace as necessary
+	StringBuilder sb = new StringBuilder(s.length() + 1);
+	BufferedReader r = new BufferedReader(new StringReader(s.toString()));
+	String line;
+	try {
+	    while ((line = r.readLine()) != null) {
+		if (line.trim().length() == 0)
+		    continue;	// ignore empty lines
+		if (sb.length() > 0) {
+		    sb.append("\r\n");
+		    assert line.length() > 0; // proven above
+		    char c = line.charAt(0);
+		    if (c != ' ' && c != '\t')
+			sb.append(' ');
+		}
+		sb.append(line);
+	    }
+	} catch (IOException ex) {
+	    // XXX - should never happen when reading from a string
+	    return s.toString();
+	}
 	return sb.toString();
     }
 
diff --git a/mail/src/test/java/javax/mail/internet/InternetAddressFoldTest.java b/mail/src/test/java/javax/mail/internet/InternetAddressFoldTest.java
@@ -0,0 +1,125 @@
+/*
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+ *
+ * Copyright (c) 1997-2016 Oracle and/or its affiliates. All rights reserved.
+ *
+ * The contents of this file are subject to the terms of either the GNU
+ * General Public License Version 2 only ("GPL") or the Common Development
+ * and Distribution License("CDDL") (collectively, the "License").  You
+ * may not use this file except in compliance with the License.  You can
+ * obtain a copy of the License at
+ * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
+ * or packager/legal/LICENSE.txt.  See the License for the specific
+ * language governing permissions and limitations under the License.
+ *
+ * When distributing the software, include this License Header Notice in each
+ * file and include the License file at packager/legal/LICENSE.txt.
+ *
+ * GPL Classpath Exception:
+ * Oracle designates this particular file as subject to the "Classpath"
+ * exception as provided by Oracle in the GPL Version 2 section of the License
+ * file that accompanied this code.
+ *
+ * Modifications:
+ * If applicable, add the following below the License Header, with the fields
+ * enclosed by brackets [] replaced by your own identifying information:
+ * "Portions Copyright [year] [name of copyright owner]"
+ *
+ * Contributor(s):
+ * If you wish your version of this file to be governed by only the CDDL or
+ * only the GPL Version 2, indicate your decision by adding "[Contributor]
+ * elects to include this software in this distribution under the [CDDL or GPL
+ * Version 2] license."  If you don't indicate a single choice of license, a
+ * recipient has the option to distribute your version of this file under
+ * either the CDDL, the GPL Version 2 or to extend the choice of license to
+ * its licensees as provided above.  However, if you add GPL Version 2 code
+ * and therefore, elected the GPL Version 2 license, then the option applies
+ * only if the new code is made subject to such option by the copyright
+ * holder.
+ */
+
+package javax.mail.internet;
+
+import java.io.*;
+import java.util.*;
+import javax.mail.internet.InternetAddress;
+
+import org.junit.Test;
+import org.junit.Assert;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameters;
+
+/**
+ * Test InternetAddress folding.
+ *
+ * @author Bill Shannon
+ */
+
+@RunWith(Parameterized.class)
+public class InternetAddressFoldTest {
+    private InternetAddress[] orig;
+    private String expect;
+
+    private static List<Object[]> testData;
+
+    public InternetAddressFoldTest(InternetAddress[] orig, String expect) {
+	this.orig = orig;
+	this.expect = expect;
+    }
+
+    @Parameters
+    public static Collection<Object[]> data() throws Exception {
+	testData = new ArrayList<Object[]>();
+	parse(new BufferedReader(new InputStreamReader(
+	    InternetAddressFoldTest.class.getResourceAsStream("addrfolddata"))));
+	return testData;
+    }
+
+    /**
+     * Read the data from the test file.  Format is:
+     *
+     * FOLD N
+     * address1$
+     * ...
+     * addressN$
+     * EXPECT
+     * address1, ..., addressN$
+     */
+    private static void parse(BufferedReader in) throws Exception {
+	String line;
+	while ((line = in.readLine()) != null) {
+	    if (line.startsWith("#") || line.length() == 0)
+		continue;
+	    if (!line.startsWith("FOLD"))
+		throw new IOException("TEST DATA FORMAT ERROR, MISSING FOLD");
+	    int count = Integer.parseInt(line.substring(5));
+	    InternetAddress[] orig = new InternetAddress[count];
+	    for (int i = 0; i < count; i++)
+		orig[i] = new InternetAddress(readString(in));
+	    String e = in.readLine();
+	    if (!e.equals("EXPECT"))
+		throw new IOException("TEST DATA FORMAT ERROR, MISSING EXPECT");
+	    String expect = readString(in);
+	    testData.add(new Object[] { orig, expect });
+	}
+    }
+
+    /**
+     * Read a string that ends with '$', preserving all characters,
+     * especially including CR and LF.
+     */
+    private static String readString(BufferedReader in) throws IOException {
+	StringBuffer sb = new StringBuffer();
+	int c;
+	while ((c = in.read()) != '$')
+	    sb.append((char)c);
+	in.readLine();	// throw away rest of line
+	return sb.toString();
+    }
+
+    @Test
+    public void testFold() {
+	Assert.assertEquals("Fold", expect, InternetAddress.toString(orig, 0));
+    }
+}
diff --git a/mail/src/test/resources/javax/mail/internet/folddata b/mail/src/test/resources/javax/mail/internet/folddata
@@ -1,7 +1,7 @@
 #
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 #
-# Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1997-2016 Oracle and/or its affiliates. All rights reserved.
 #
 # The contents of this file are subject to the terms of either the GNU
 # General Public License Version 2 only ("GPL") or the Common Development
@@ -39,7 +39,7 @@
 #
 
 #
-# Test data used by foldtest.java to test the MimeUtility.fold
+# Test data used by FoldTest.java to test the MimeUtility.fold
 # and MimeUtility.unfold methods.
 #
 # First, tests that ensure simple strings aren't changed.
@@ -265,3 +265,53 @@ a
 	b$
 EXPECT
 a b$
+#
+# Fold with embedded newlines
+#
+FOLD
+a
+b$
+EXPECT
+a
+ b$
+FOLD
+a
+
+b$
+EXPECT
+a
+ b$
+FOLD
+ab$
+EXPECT
+a
+ b$
+FOLD
+ab$
+EXPECT
+a
+ b$
+FOLD
+a
+b$
+EXPECT
+a
+ b$
+FOLD
+a
+b$
+EXPECT
+a
+ b$
+FOLD
+a
+ b$
+EXPECT
+a
+ b$
+FOLD
+a
+ b$
+EXPECT
+a
+ b$
