From e6329d30077e6b7b0710962f2459e15074af8666 Mon Sep 17 00:00:00 2001 From: Bianca Nenciu Date: Thu, 29 Apr 2021 10:17:33 +0300 Subject: [PATCH] FIX: Gracefully handle inline images in emails (#12855) --- lib/email/receiver.rb | 4 ++-- spec/components/email/receiver_spec.rb | 13 +++++++++++++ spec/fixtures/emails/inline_image_2.eml | 26 +++++++++++++++++++++++++ 3 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 spec/fixtures/emails/inline_image_2.eml diff --git a/lib/email/receiver.rb b/lib/email/receiver.rb index bd328678531..b580e7ea408 100644 --- a/lib/email/receiver.rb +++ b/lib/email/receiver.rb @@ -1124,8 +1124,8 @@ module Email raw = raw.sub(match, replacement) end end - elsif raw[/\[image:.*?\d+[^\]]*\]/i] - raw.sub!(/\[image:.*?\d+[^\]]*\]/i, UploadMarkdown.new(upload).to_markdown) + elsif raw[/\[image:[^\]]*\]/i] + raw.sub!(/\[image:[^\]]*\]/i, UploadMarkdown.new(upload).to_markdown) else raw << "\n\n#{UploadMarkdown.new(upload).to_markdown}\n\n" end diff --git a/spec/components/email/receiver_spec.rb b/spec/components/email/receiver_spec.rb index b3b5a083b33..fcdc094058c 100644 --- a/spec/components/email/receiver_spec.rb +++ b/spec/components/email/receiver_spec.rb @@ -585,6 +585,19 @@ describe Email::Receiver do MD end + it "gracefully handles malformed images in HTML part" do + expect { process(:inline_image_2) }.to change { topic.posts.count } + + post = topic.posts.last + upload = post.uploads.last + + expect(post.raw).to eq(<<~MD.chomp) + [image:#{'0' * 5000} + + ![#{upload.original_filename}|#{upload.width}x#{upload.height}](#{upload.short_url}) + MD + end + it "supports attached images in signature" do SiteSetting.incoming_email_prefer_html = true SiteSetting.always_show_trimmed_content = true diff --git a/spec/fixtures/emails/inline_image_2.eml b/spec/fixtures/emails/inline_image_2.eml new file mode 100644 index 00000000000..cba266dc87b --- /dev/null +++ b/spec/fixtures/emails/inline_image_2.eml @@ -0,0 +1,26 @@ +Return-Path: +From: Foo Bar +To: reply+4f97315cc828096c9cb34c6f1a0d6fe8@bar.com +Date: Fri, 15 Jan 2016 00:12:43 +0100 +Message-ID: <28@foo.bar.mail> +Mime-Version: 1.0 +Content-Type: multipart/related; boundary="0000000000006d045f05c0e384eb" + +--0000000000006d045f05c0e384eb +Content-Type: multipart/alternative; boundary="0000000000006d045b05c0e384ea" + +--0000000000006d045b05c0e384ea +Content-Type: text/html; charset="UTF-8" + +[image:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 + +--0000000000006d045b05c0e384ea-- +--0000000000006d045f05c0e384eb +Content-Type: image/png; name="poc.png" +Content-Disposition: attachment; filename="poc.png" +Content-Transfer-Encoding: base64 +X-Attachment-Id: ii_poc0 +Content-ID: + +iVBORw0KGgoAAAANSUhEUgAABm4AAAHTCAIAAAChr3DwAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAg +--0000000000006d045f05c0e384eb--