From 2a285f8f6aa33f1d8227d052b86c98da95162103 Mon Sep 17 00:00:00 2001
From: Max Goodman
Date: Thu, 27 Feb 2014 18:41:23 -0800
Subject: [PATCH] emails: Foil some basic header injections.

Thanks to "Jordan Milne (/u/largenocream) for this suggestion.
---
 r2/r2/models/mail_queue.py | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/r2/r2/models/mail_queue.py b/r2/r2/models/mail_queue.py
index 8c69431f6..f18bdd1bb 100644
--- a/r2/r2/models/mail_queue.py
+++ b/r2/r2/models/mail_queue.py
@@ -23,6 +23,7 @@
 import datetime
 import hashlib
 from email.MIMEText import MIMEText
+from email.errors import HeaderParseError
 
 import sqlalchemy as sa
 from sqlalchemy.dialects.postgresql.base import PGInet
@@ -397,11 +398,19 @@ class Email(object):
 self.sent = True
 
 def to_MIMEText(self):
- def utf8(s):
+ def utf8(s, reject_newlines=True):
+ if reject_newlines and '\n' in s:
+ raise HeaderParseError(
+ 'header value contains unexpected newline: {!r}'.format(s))
 return s.encode('utf8') if isinstance(s, unicode) else s
- fr = '"%s" <%s>' % (self.from_name(), self.fr_addr)
+
+ fr = '"%s" <%s>' % (
+ self.from_name().replace('"', ''),
+ self.fr_addr.replace('>', ''),
+ )
+
 if not fr.startswith('-') and not self.to_addr.startswith('-'): # security
- msg = MIMEText(utf8(self.body))
+ msg = MIMEText(utf8(self.body, reject_newlines=False))
 msg.set_charset('utf8')
 msg['To'] = utf8(self.to_addr)
 msg['From'] = utf8(fr)
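Review bot: The newline guard added to utf8() in the second hunk only tests for '\n', so a header value carrying a bare '\r' still reaches msg['To'] and msg['From'] unchanged, and a lone CR may be honoured as a line terminator by some mail parsers; widen the check to `if reject_newlines and ('\r' in s or '\n' in s):`. The From-name sanitising strips '"' but not the backslash, and inside an RFC 5322 quoted-string a trailing backslash escapes the closing quote, so `self.from_name().replace('"', '').replace('\\', '')` is the safer pair of strips. A short comment on the utf8() guard, such as `# header values must be single-line; bare CR or LF would start a new header`, would record why body text is the one caller that opts out. to_MIMEText continues past the end of the hunk, so any further header assignments there should also go through utf8() with the default reject_newlines.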