Bug 1433792 - Bug 1427382 follow-up: Treat recipient display the same as sender display wrt to spoofing. r=mkmelin
authorJorg K <jorgk@jorgk.com>
Sat, 10 Feb 2018 23:40:24 +0100
changeset 31082 42bf9c98f0865fed58eaab2f753b88a627c3c9b7
parent 31081 dbaae0514e5e5f7e855b4bd028a679b21a8c9eb9
child 31083 94bd1ee91bc089d3e8efe6f924d41588d7b6368a
push id383
push userclokep@gmail.com
push dateMon, 07 May 2018 21:52:48 +0000
reviewersmkmelin
bugs1433792, 1427382
Bug 1433792 - Bug 1427382 follow-up: Treat recipient display the same as sender display wrt to spoofing. r=mkmelin
mailnews/base/src/nsMsgDBView.cpp
--- a/mailnews/base/src/nsMsgDBView.cpp
+++ b/mailnews/base/src/nsMsgDBView.cpp
@@ -538,20 +538,31 @@ nsMsgDBView::FetchRecipients(nsIMsgDBHdr
 
     if (showCondensedAddresses)
       GetDisplayNameInAddressBook(curAddress, recipient);
 
     if (recipient.IsEmpty())
     {
       // We can't use the display name in the card; use the name contained in
       // the header or email address.
-      if (!curName.IsEmpty())
-        recipient = curName;
-      else
+      if (curName.IsEmpty()) {
         CopyUTF8toUTF16(curAddress, recipient);
+      } else {
+        int32_t atPos;
+        if ((atPos = curName.FindChar('@')) == kNotFound ||
+            curName.FindChar('.', atPos) == kNotFound) {
+          recipient = curName;
+        } else {
+          // Found @ followed by a dot, so this looks like a spoofing case.
+          recipient = curName;
+          recipient.AppendLiteral(" <");
+          AppendUTF8toUTF16(curAddress, recipient);
+          recipient.Append('>');
+        }
+      }
     }
 
     // Add ', ' between each recipient.
     if (i != 0)
       aRecipientsString.AppendLiteral(u", ");
 
     aRecipientsString.Append(recipient);
   }