File rubygem-actionmailer-5_1-CVE-2024-47889.patch of Package rubygem-actionmailer-5_1

Overview Repositories Revisions Requests Users Attributes Meta

File rubygem-actionmailer-5_1-CVE-2024-47889.patch of Package rubygem-actionmailer-5_1

From 6fdabdf97eef69e9aa2261bd534b8a3c55f8f3b7 Mon Sep 17 00:00:00 2001
From: John Hawthorn <john@hawthorn.email>
Date: Fri, 11 Oct 2024 00:34:14 -0700
Subject: [PATCH] Avoid backtracking in ActionMailer block_format

[CVE-2024-47889]

Thanks to yuki_osaki and scyoon for reporting this vulnerability

Co-authored-by: Michael Leimstaedtner <michael.leimstaedtner@makandra.de>
---
 actionmailer/lib/action_mailer/mail_helper.rb | 14 +++++++++++---
 actionmailer/test/mail_helper_test.rb         | 13 +++++++++++++
 2 files changed, 24 insertions(+), 3 deletions(-)

Index: actionmailer-5.1.4/lib/action_mailer/mail_helper.rb
===================================================================
--- actionmailer-5.1.4.orig/lib/action_mailer/mail_helper.rb
+++ actionmailer-5.1.4/lib/action_mailer/mail_helper.rb
@@ -21,10 +21,18 @@ module ActionMailer
       }.join("\n\n")
 
       # Make list points stand on their own line
-      formatted.gsub!(/[ ]*([*]+) ([^*]*)/) { "  #{$1} #{$2.strip}\n" }
-      formatted.gsub!(/[ ]*([#]+) ([^#]*)/) { "  #{$1} #{$2.strip}\n" }
+      output = +""
+      splits = formatted.split(/(\*+|\#+)/)
+      while line = splits.shift
+        if line.start_with?("*", "#") && splits.first&.start_with?(" ")
+          output.chomp!(" ") while output.end_with?(" ")
+          output << "  #{line} #{splits.shift.strip}\n"
+        else
+          output << line
+        end
+      end
 
-      formatted
+      output
     end
 
     # Access the mailer instance.

Places

File rubygem-actionmailer-5_1-CVE-2024-47889.patch of Package rubygem-actionmailer-5_1

Places