Closed Bug 1747977 Opened 2 years ago Closed 2 years ago

Cannot open attachment when its filename contains an illegal characters e.g. ":", slash

Categories

(Thunderbird :: General, defect)

Product:
Thunderbird
Component:
General
Version:
Thunderbird 91
Type:
defect

Tracking

(thunderbird_esr91+ fixed, thunderbird97 fixed)

Status:
RESOLVED FIXED
Milestone:
98 Branch
Tracking Flags:
Tracking Status
thunderbird_esr91 + fixed
thunderbird97 --- fixed

People

(Reporter: pzine, Assigned: darktrojan)

References

(Regression,
URL
)

Details

(Keywords: regression)

Attachments

(3 files, 1 obsolete file)

Bug 1747977 - Sanitize attachment file name before saving to disk. r=mkmelin
48 bytes, text/x-phabricator-request
wsmwk
: approval-comm-beta+
Details | Review
1747977-follow-up-extension-handling.patch
2.61 KB, patch
darktrojan
: review+
Details | Diff | Splinter Review
1747977-attachment-sanitize-esr91.diff
13.56 KB, patch
rjl
: approval-comm-esr91+
Details | Diff | Splinter Review

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0

Steps to reproduce:

I use: TB 91.4.1 x64 (pl-PL), Win 8.1 Pro x64 / Win 10 x64 (21H1) - bug is on many different machines - at the same time (after automatically upgrade existing installation to 91.4.1)
My accounts use: POP3

When i receive an new mail with attached PDF files witch contains an illegal (in filenames) character - i have ":", i cannot open this by clicking on its filename (the down left corner of the window) when its assigned to external PDF Reader (i use Acrobat Reader DC), when its assigned to open internally to Thunderbird, then it open fine.

Actual results:

When i click to open attachment with illegal chars nothing is happens (when PDF file is attached to external program), when attached PDF is assigned and opened internally in Thunderbird is opened fine.

This is observed in TB 91.4.1, the TB 68.12.1 and 78.14.0 i think is not affected - the same messages (*.eml file) are working fine until now, when TB is upgraded to 91.x - no user reports about this until yesterday (massive TB upgrade to 91.4.1 - resolved bug with S/MIME and forward PDF attachment)

TB 68.12.1 / 78.14.0 and 91.3.2 - removes illegal chars before open directly attached files, but 91.4.1 is not

example of failure filename: " Numer polisy: 1234567878901 _ Numer EH: 032123456789 _ Nazwa Klienta: COMPANY NAME LLC _ Kod decyzji: XY _ Numer IDS: 12345678901 .pdf" - SPACE character is on the first place - this is not a copy/paste mistake :)

In the error console we can see 2 bugs:

[Exception... "Component returned failure code: 0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]" nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)" location: "JS frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync :: line 692" data: no] L10nRegistry.jsm:692:19
loadSync resource://gre/modules/L10nRegistry.jsm:692
fetchFile resource://gre/modules/L10nRegistry.jsm:607
generateResourceSetSync resource://gre/modules/L10nRegistry.jsm:512
map self-hosted:221
generateResourceSetSync resource://gre/modules/L10nRegistry.jsm:507
generateResourceSetsForLocaleSync resource://gre/modules/L10nRegistry.jsm:449
next self-hosted:1430
generateBundlesSync resource://gre/modules/L10nRegistry.jsm:186
next self-hosted:1430
touchNext resource://gre/modules/Localization.jsm:167
generateBundles resource://gre/modules/Localization.jsm:473
<anonimowa> resource:///modules/OTRUI.jsm:16
get resource://gre/modules/XPCOMUtils.jsm:62
_str resource:///modules/OTRUI.jsm:20
initStrings resource:///modules/OTRUI.jsm:38
init resource:///modules/OTRUI.jsm:259
InterpretGeneratorResume self-hosted:1482
AsyncFunctionNext self-hosted:692

Uncaught (in promise)
Exception { name: "", message: "Component returned failure code: 0x8071007b [nsIFile.createUnique]", result: 2154889339, filename: "chrome://messenger/content/msgHdrView.js", lineNumber: 2017, columnNumber: 0, data: null, stack: "saveAndOpen@chrome://messenger/content/msgHdrView.js:2017:18\nopen@chrome://messenger/content/msgHdrView.js:2052:19\n", location: XPCWrappedNative_NoHelper }

columnNumber: 0

data: null

filename: "chrome://messenger/content/msgHdrView.js"

lineNumber: 2017

location: XPCWrappedNative_NoHelper { QueryInterface: QueryInterface(), filename: Getter, name: Getter, … }

message: "Component returned failure code: 0x8071007b [nsIFile.createUnique]"

name: ""

result: 2154889339

stack: "saveAndOpen@chrome://messenger/content/msgHdrView.js:2017:18\nopen@chrome://messenger/content/msgHdrView.js:2052:19\n"

<prototype>: ExceptionPrototype { toString: toString(), name: Getter, message: Getter, … }

Expected results:

TB should open attached PDF in external programs as usually in previous version of TB like 68.x and 78.x and older 91.x versions

Summary: Cannot open attachment when is contains an illegal characters e.g. ":" → Cannot open attachment when is filename contains an illegal characters e.g. ":"
Summary: Cannot open attachment when is filename contains an illegal characters e.g. ":" → Cannot open attachment when its filename contains an illegal characters e.g. ":"

The same thing is happens w.g. when i open a message from Sent folder.

Must be from bug 1737711.

Status: UNCONFIRMED → NEW
Component: Untriaged → General
Ever confirmed: true
Keywords: regression
Regressed by: 1737711

For now, works only right click on filename, select Save Attachment As (illegal chars are removed properly ), then we must manually open file form saved location in external program.

Also report in Support Forum regarding illegal char using a forward slash:
https://support.mozilla.org/en-US/questions/1362678

https://github.com/Betterbird/thunderbird-patches/blob/main/91/bugs/1747977-sanitise-filename.patch
Also cleans up code that determines the extension twice with two different tricks, one of which doesn't work for edge cases.

Patch depends on our fix for bug 1744709.

Calls DownloadPaths.sanitize on the file name, which replaces invalid characters. Also adds a way for a test to "open" attachments, allowing this action to be tested.

Assignee: nobody → geoff
Status: NEW → ASSIGNED

How about fixing the other issues with this code as well? Getting the extension twice, once with this.name.split(".").pop(), which doesn't work if there is no extension, and another time with let match = this.name.match(/\.([^.]+)$/); let extension = match ? match[1] : null; should be fixed. Is the proposed new behaviour consistent with
https://searchfox.org/comm-central/rev/d55e12934777fded86d5ad1e8bd6a6d3a8ac32b0/mail/base/content/mailCommands.js#476-498 ?

(In reply to Rachel Martin from comment #9)

this.name.split(".").pop(), which doesn't work if there is no extension

Where this runs there is always a content type (which has priority) or an extension. In the toolkit version of this code the arguments are hard-wired in, which we should do, but not in this bug.

let match = this.name.match(/\.([^.]+)$/); let extension = match ? match[1] : null; should be fixed.

I don't see a problem with this. Explain?

Is the proposed new behaviour consistent with
https://searchfox.org/comm-central/rev/d55e12934777fded86d5ad1e8bd6a6d3a8ac32b0/mail/base/content/mailCommands.js#476-498 ?

It's similar but it does catch some more problem cases. AFAICT the old behaviour isn't consistent with it either.

The observation is that the extension is determined twice with different results:
console.log("file".split(".").pop()) gives file, let match = "file".match(/\.([^.]+)$/); let extension = match ? match[1] : null; console.log(extension) gives null. Given that getFromTypeAndExtension() apparently prefers the type and the extension can be empty,
https://searchfox.org/mozilla-central/rev/83e67336083df9f9a3d1e0c33f2ba19703d57161/netwerk/mime/nsIMIMEService.idl#42
this code will likely work:
https://searchfox.org/comm-central/rev/4e02ce9fa250616e3a8091b8fea0990a339c0e63/mail/base/content/msgHdrView.js#2066
Either the type is application/pdf and will be preferred and the wrong result ignored or there is a ".pdf" present and the split/pop will yield the correct result.

For the sake of clarity we'd prefer to determine the extension once and not twice with a method that always gives the correct result instead of relying on other conditions where a wrong result doesn't cause an issue. Whether using a regular expression isn't too big a gun to determine the the characters after the last dot lies in the eyes of the beholder. We'd suggest:
let dotPos = name.lastIndexOf("."); let extension = dotPos >= 0 ? name.substr(dotPos + 1) : "";

Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/cf349129e14e
Sanitize attachment file name before saving to disk. r=mkmelin

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
status-thunderbird97: --- → affected
status-thunderbird_esr91: --- → affected
Target Milestone: --- → 98 Branch
Attachment #9258758 - Flags: review?(geoff)

Linted. Also note the API nsIMIMEInfo getFromTypeAndExtension(in ACString aMIMEType, in AUTF8String aFileExt);, so it makes more sense to pass an empty string instead of null.

Attachment #9258758 - Attachment is obsolete: true
Attachment #9258758 - Flags: review?(geoff)
Attachment #9258862 - Flags: review?(geoff)
Attachment #9258862 - Flags: review?(geoff) → review+

Comment on attachment 9258268 [details]
Bug 1747977 - Sanitize attachment file name before saving to disk. r=mkmelin

[Approval Request Comment]
Regression caused by (bug #): bug 1737711
User impact if declined: attachments with weird filenames won't open
Testing completed (on c-c, etc.): landed last week
Risk to taking this patch (and alternatives if risky): low but not zero

Attachment #9258268 - Flags: approval-comm-esr91?
Attachment #9258268 - Flags: approval-comm-beta?

Comment on attachment 9258268 [details]
Bug 1747977 - Sanitize attachment file name before saving to disk. r=mkmelin

[Triage Comment]
Approved for beta

Attachment #9258268 - Flags: approval-comm-beta? → approval-comm-beta+

Can't set "checkin-needed" on this bug.

Flags: needinfo?(mkmelin+mozilla)

Landing it soon.

Flags: needinfo?(mkmelin+mozilla)
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/1b9aae48e071
Follow-up: Tidy extension handling. r=darktrojan

May i ask when this patch will be applied to 91esr version of TB ? :)

After beta testing is successful (it just landed on beta).

URL: https://support.mozilla.org/en-US/que...
Summary: Cannot open attachment when its filename contains an illegal characters e.g. ":" → Cannot open attachment when its filename contains an illegal characters e.g. ":", slash

Comment on attachment 9258268 [details]
Bug 1747977 - Sanitize attachment file name before saving to disk. r=mkmelin

[Triage Comment]
Approved for esr91

Attachment #9258268 - Flags: approval-comm-esr91? → approval-comm-esr91+

browser_openAttachment.js in this patch is tangled up in the async changes from Bug 1676114. Geoff, can you rebase it for esr91?

Flags: needinfo?(geoff)

I added Rachel's changes, since they might as well go in too.

Flags: needinfo?(geoff)
Attachment #9258268 - Flags: approval-comm-esr91+

Comment on attachment 9262210 [details] [diff] [review]
1747977-attachment-sanitize-esr91.diff

[Triage Comment]
Moving esr91 approval to correct patch.

Attachment #9262210 - Flags: approval-comm-esr91+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: