[kmail2] [Bug 404698] Decryption Oracle based on replying to PGP or S/MIME encrypted emails

Sandro Knauß bugzilla_noreply at kde.org
Mon Apr 22 22:21:16 BST 2019


https://bugs.kde.org/show_bug.cgi?id=404698

--- Comment #13 from Sandro Knauß <sknauss at kde.org> ---
@Jens: what version did you test? You set "Debian Stable" and "5.10.3"; this
does not match. Debian stable has 16.04.3 aka 5.2.3.

I have now started to look into the issue, but I can't reproduce it with the
attached messages, neither for 18.08.3 nor for master, at least when the
encrypted content is simple text. Do I need to construct a mimetree inside the
encrypted message parts?
And this makes total sense, as we already have the concept of
firstTextNode inside ObjectTreeParser, which takes effect here.

I added the proof-of-concept mails to our autotests:
  https://phabricator.kde.org/D20757
The plain.reply files are the output of the reply window.

Those who have a test environment for messagelib can view such mails
and reply/forward:

GNUPGHOME=<buildpath of messagelib>/messagecore/autotests/gnupg_home/ kmail --view 404698-gpg.mbox

A short explanation of how a reply/forward is created (everything in messagelib):
* templateparser/src/templateparserjob constructs a new KMime::Message mMsg
from a given mOrigMsg.
* TemplateParserJob uses MimeTreeParser::ObjectTreeParser to get
htmlContent/plainTextContent. At least for plainTextContent it is easy to
see that only the content from the first text node is used. For htmlContent it
looks like we merge different htmlNodes via
messagepart.cpp:HtmlMessagePart::fix()

-- 
You are receiving this mail because:
You are the assignee for the bug.
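
The first-text-node rule described in the comment above, as an added example that is not part of the original mail and is not messagelib code: it models the rule with Python's email module instead of KMime/MimeTreeParser and compares quoting only the first text node with quoting every text node. The function names and the sample message are constructed for illustration, and no real decryption takes place; the second part only stands in for decrypted content.

```python
import email

# Constructed sample: a visible text part followed by a second text part that
# stands in for content the mail client decrypted (placeholder text only).
SAMPLE = """\
From: sender@example.org
To: user@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Please reply to this mail.
--b1
Content-Type: text/plain; charset="utf-8"

DECRYPTED-PLACEHOLDER
--b1--
"""

def text_nodes(msg):
    """All text/plain leaves of the MIME tree in depth-first order."""
    return [p for p in msg.walk() if p.get_content_type() == "text/plain"]

def node_text(part):
    """Decoded body of one leaf, without surrounding whitespace."""
    payload = part.get_payload(decode=True) or b""
    return payload.decode(part.get_content_charset() or "utf-8", "replace").strip()

def quote(text):
    return "\n".join("> " + line for line in text.splitlines())

def reply_first_text_node(msg):
    # Reply body built from the first text node only (the rule described above).
    nodes = text_nodes(msg)
    return quote(node_text(nodes[0])) if nodes else ""

def reply_all_text_nodes(msg):
    # Hypothetical alternative that merges every text node into the quote.
    return quote("\n".join(node_text(n) for n in text_nodes(msg)))

def extra_quoted_text(msg):
    """Text that only the merge-everything strategy would put into a reply."""
    return [node_text(n) for n in text_nodes(msg)[1:]]

if __name__ == "__main__":
    m = email.message_from_string(SAMPLE)
    print(reply_first_text_node(m), extra_quoted_text(m), sep="\n")
```

A non-empty result from extra_quoted_text marks a message whose later text nodes deserve a look in the reply window, which is the kind of difference the plain.reply autotest files capture.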

