rubygem-actionmailer/backport-CVE-2024-47889.patch

From 0e5694f4d32544532d2301a9b4084eacb6986e94 Mon Sep 17 00:00:00 2001
From: John Hawthorn <john@hawthorn.email>
Date: Fri, 11 Oct 2024 00:34:14 -0700
Subject: [PATCH] Avoid backtracking in ActionMailer block_format

[CVE-2024-47889]

Thanks to yuki_osaki and scyoon for reporting this vulnerability
---
 actionmailer/lib/action_mailer/mail_helper.rb | 14 +++++++++++---
 actionmailer/test/mail_helper_test.rb         | 12 ++++++++++++
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/actionmailer/lib/action_mailer/mail_helper.rb b/actionmailer/lib/action_mailer/mail_helper.rb
index e7bed41f8d294..f527d5a59ebf5 100644
--- a/actionmailer/lib/action_mailer/mail_helper.rb
+++ b/actionmailer/lib/action_mailer/mail_helper.rb
@@ -23,10 +23,18 @@ def block_format(text)
       }.join("\n\n")
 
       # Make list points stand on their own line
-      formatted.gsub!(/[ ]*([*]+) ([^*]*)/) { "  #{$1} #{$2.strip}\n" }
-      formatted.gsub!(/[ ]*([#]+) ([^#]*)/) { "  #{$1} #{$2.strip}\n" }
+      output = +""
+      splits = formatted.split(/(\*+|\#+)/)
+      while line = splits.shift
+        if line.start_with?("*", "#") && splits[0].start_with?(" ")
+          output.chomp!(" ") while output.end_with?(" ")
+          output << "  #{line} #{splits.shift.strip}\n"
+        else
+          output << line
+        end
+      end
 
-      formatted
+      output
     end
 
     # Access the mailer instance.
Fix CVE-2024-47889 2024-10-17 17:26:44 +08:00			`From 0e5694f4d32544532d2301a9b4084eacb6986e94 Mon Sep 17 00:00:00 2001`
			`From: John Hawthorn <john@hawthorn.email>`
			`Date: Fri, 11 Oct 2024 00:34:14 -0700`
			`Subject: [PATCH] Avoid backtracking in ActionMailer block_format`

			`[CVE-2024-47889]`

			`Thanks to yuki_osaki and scyoon for reporting this vulnerability`
			`---`
			`actionmailer/lib/action_mailer/mail_helper.rb \| 14 +++++++++++---`
			`actionmailer/test/mail_helper_test.rb \| 12 ++++++++++++`
			`2 files changed, 23 insertions(+), 3 deletions(-)`

			`diff --git a/actionmailer/lib/action_mailer/mail_helper.rb b/actionmailer/lib/action_mailer/mail_helper.rb`
			`index e7bed41f8d294..f527d5a59ebf5 100644`
			`--- a/actionmailer/lib/action_mailer/mail_helper.rb`
			`+++ b/actionmailer/lib/action_mailer/mail_helper.rb`
			`@@ -23,10 +23,18 @@ def block_format(text)`
			`}.join("\n\n")`

			`# Make list points stand on their own line`
			`- formatted.gsub!(/[ ]([]+) ([^])/) { " #{$1} #{$2.strip}\n" }`
			`- formatted.gsub!(/[ ]([#]+) ([^#])/) { " #{$1} #{$2.strip}\n" }`
			`+ output = +""`
			`+ splits = formatted.split(/(\*+\|\#+)/)`
			`+ while line = splits.shift`
			`+ if line.start_with?("*", "#") && splits[0].start_with?(" ")`
			`+ output.chomp!(" ") while output.end_with?(" ")`
			`+ output << " #{line} #{splits.shift.strip}\n"`
			`+ else`
			`+ output << line`
			`+ end`
			`+ end`

			`- formatted`
			`+ output`
			`end`

			`# Access the mailer instance.`