From 2dec4c3e6e6d5f7af4d79518fbd580ec07848151 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <bruederli@kolabsys.com>
Date: Tue, 18 Mar 2014 10:11:00 +0100
Subject: [PATCH] Avoid saving attachments with empty mimetype; validate before
 adding to XML (#2927)

---
 plugins/libkolab/lib/kolab_format.php | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/plugins/libkolab/lib/kolab_format.php b/plugins/libkolab/lib/kolab_format.php
index 11a5c4fe..1c5fd128 100644
--- a/plugins/libkolab/lib/kolab_format.php
+++ b/plugins/libkolab/lib/kolab_format.php
@@ -531,8 +531,19 @@ abstract class kolab_format
                 continue;
             $attach = new Attachment;
             $attach->setLabel((string)$attr['name']);
-            $attach->setUri('cid:' . $cid, $attr['mimetype']);
-            $vattach->push($attach);
+            $attach->setUri('cid:' . $cid, $attr['mimetype'] ?: 'application/octet-stream');
+            if ($attach->isValid()) {
+              $vattach->push($attach);
+            }
+            else {
+              rcube::raise_error(array(
+                  'code' => 660,
+                  'type' => 'php',
+                  'file' => __FILE__,
+                  'line' => __LINE__,
+                  'message' => "Invalid attributes for attachment $cid: " . var_export($attr, true),
+              ), true);
+            }
         }
 
         foreach ((array) $object['links'] as $link) {