Loading pkgs/by-name/ae/aerc/basename-temp-file-fixup.patch 0 → 100644 +34 −0 Original line number Diff line number Diff line From 2bbe75fe0bc87ab4c1e16c5a18c6200224391629 Mon Sep 17 00:00:00 2001 From: Nicole Patricia Mazzuca <nicole@streganil.no> Date: Fri, 9 May 2025 09:32:21 +0200 Subject: [PATCH] open: fix opening text/html messages This fixes a bug introduced in 93bec0de8ed5ab3d6b1f01026fe2ef20fa154329: aerc started using `path.Base(<part>)`, which returns `"."` on an empty path, but still checked for `""` two lines later. On macOS, the result is that aerc attempts to open the directory: ``` open /var/folders/vn/hs0zvdsx3vq6svvry8s1bnym0000gn/T/aerc-4229266673: is a directory ``` Signed-off-by: Nicole Patricia Mazzuca <nicole@streganil.no> Acked-by: Robin Jarry <robin@jarry.cc> --- commands/msgview/open.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/msgview/open.go b/commands/msgview/open.go index a6e43cb8da5fd49d2aa562d4c25ee2d597deefc3..7c770d4a90b771e3a18dfcb327f5e9306d5b5fa7 100644 --- a/commands/msgview/open.go +++ b/commands/msgview/open.go @@ -59,7 +59,7 @@ func (o Open) Execute(args []string) error { } filename := path.Base(part.FileName()) var tmpFile *os.File - if filename == "" { + if filename == "." { extension := "" if exts, _ := mime.ExtensionsByType(mimeType); len(exts) > 0 { extension = exts[0] pkgs/by-name/ae/aerc/basename-temp-file.patch 0 → 100644 +41 −0 Original line number Diff line number Diff line From 93bec0de8ed5ab3d6b1f01026fe2ef20fa154329 Mon Sep 17 00:00:00 2001 From: Robin Jarry <robin@jarry.cc> Date: Wed, 9 Apr 2025 10:49:24 +0200 Subject: [PATCH] open: only use part basename for temp file When an attachment part has a name such as "/tmp/55208186_AllDocs.pdf", aerc creates a temp folder and tries to store the file by blindly concatenating the path as follows: /tmp/aerc-3444057757/tmp/55208186_AllDocs.pdf And when writing to this path, it gets a "No such file or directory" error because the intermediate "tmp" subfolder isn't created. Reported-by: Erik Colson <eco@ecocode.net> Signed-off-by: Robin Jarry <robin@jarry.cc> --- commands/msgview/open.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/commands/msgview/open.go b/commands/msgview/open.go index 4293b7e4892c137a7f3fbbe79245ffb6733b2671..a6e43cb8da5fd49d2aa562d4c25ee2d597deefc3 100644 --- a/commands/msgview/open.go +++ b/commands/msgview/open.go @@ -5,6 +5,7 @@ import ( "io" "mime" "os" + "path" "path/filepath" "git.sr.ht/~rjarry/aerc/app" @@ -56,7 +57,7 @@ func (o Open) Execute(args []string) error { app.PushError(err.Error()) return } - filename := part.FileName() + filename := path.Base(part.FileName()) var tmpFile *os.File if filename == "" { extension := "" pkgs/by-name/ae/aerc/package.nix +8 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,14 @@ buildGoModule (finalAttrs: { python3Packages.wrapPython ]; patches = [ ./runtime-libexec.patch ]; patches = [ ./runtime-libexec.patch # TODO remove these with the next release # they resolve a path injection vulnerability when saving attachments (CVE-2025-49466) ./basename-temp-file.patch ./basename-temp-file-fixup.patch ]; postPatch = '' substituteAllInPlace config/aerc.conf Loading Loading
pkgs/by-name/ae/aerc/basename-temp-file-fixup.patch 0 → 100644 +34 −0 Original line number Diff line number Diff line From 2bbe75fe0bc87ab4c1e16c5a18c6200224391629 Mon Sep 17 00:00:00 2001 From: Nicole Patricia Mazzuca <nicole@streganil.no> Date: Fri, 9 May 2025 09:32:21 +0200 Subject: [PATCH] open: fix opening text/html messages This fixes a bug introduced in 93bec0de8ed5ab3d6b1f01026fe2ef20fa154329: aerc started using `path.Base(<part>)`, which returns `"."` on an empty path, but still checked for `""` two lines later. On macOS, the result is that aerc attempts to open the directory: ``` open /var/folders/vn/hs0zvdsx3vq6svvry8s1bnym0000gn/T/aerc-4229266673: is a directory ``` Signed-off-by: Nicole Patricia Mazzuca <nicole@streganil.no> Acked-by: Robin Jarry <robin@jarry.cc> --- commands/msgview/open.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/msgview/open.go b/commands/msgview/open.go index a6e43cb8da5fd49d2aa562d4c25ee2d597deefc3..7c770d4a90b771e3a18dfcb327f5e9306d5b5fa7 100644 --- a/commands/msgview/open.go +++ b/commands/msgview/open.go @@ -59,7 +59,7 @@ func (o Open) Execute(args []string) error { } filename := path.Base(part.FileName()) var tmpFile *os.File - if filename == "" { + if filename == "." { extension := "" if exts, _ := mime.ExtensionsByType(mimeType); len(exts) > 0 { extension = exts[0]
pkgs/by-name/ae/aerc/basename-temp-file.patch 0 → 100644 +41 −0 Original line number Diff line number Diff line From 93bec0de8ed5ab3d6b1f01026fe2ef20fa154329 Mon Sep 17 00:00:00 2001 From: Robin Jarry <robin@jarry.cc> Date: Wed, 9 Apr 2025 10:49:24 +0200 Subject: [PATCH] open: only use part basename for temp file When an attachment part has a name such as "/tmp/55208186_AllDocs.pdf", aerc creates a temp folder and tries to store the file by blindly concatenating the path as follows: /tmp/aerc-3444057757/tmp/55208186_AllDocs.pdf And when writing to this path, it gets a "No such file or directory" error because the intermediate "tmp" subfolder isn't created. Reported-by: Erik Colson <eco@ecocode.net> Signed-off-by: Robin Jarry <robin@jarry.cc> --- commands/msgview/open.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/commands/msgview/open.go b/commands/msgview/open.go index 4293b7e4892c137a7f3fbbe79245ffb6733b2671..a6e43cb8da5fd49d2aa562d4c25ee2d597deefc3 100644 --- a/commands/msgview/open.go +++ b/commands/msgview/open.go @@ -5,6 +5,7 @@ import ( "io" "mime" "os" + "path" "path/filepath" "git.sr.ht/~rjarry/aerc/app" @@ -56,7 +57,7 @@ func (o Open) Execute(args []string) error { app.PushError(err.Error()) return } - filename := part.FileName() + filename := path.Base(part.FileName()) var tmpFile *os.File if filename == "" { extension := ""
pkgs/by-name/ae/aerc/package.nix +8 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,14 @@ buildGoModule (finalAttrs: { python3Packages.wrapPython ]; patches = [ ./runtime-libexec.patch ]; patches = [ ./runtime-libexec.patch # TODO remove these with the next release # they resolve a path injection vulnerability when saving attachments (CVE-2025-49466) ./basename-temp-file.patch ./basename-temp-file-fixup.patch ]; postPatch = '' substituteAllInPlace config/aerc.conf Loading
