From d75423591038bae8a40b939578c546f37998fd0a Mon Sep 17 00:00:00 2001
From: Paul Walker <paul@black-sun.demon.co.uk>
Date: Tue, 28 Mar 2006 01:08:28 +0000
Subject: [PATCH] Sanitize attachment file names (seatbelt for inattentive
 recipients).

---
 recvattach.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/recvattach.c b/recvattach.c
index 03fc71a0..63cd4c4c 100644
--- a/recvattach.c
+++ b/recvattach.c
@@ -408,6 +408,9 @@ static int mutt_query_save_attachment (FILE *fp, BODY *body, HEADER *hdr, char *
   else
     buf[0] = 0;
 
+  /* Remove any paths or bad characters */
+  mutt_sanitize_filename (buf, 1);
+
   prompt = _("Save to file: ");
   while (prompt)
   {
@@ -485,6 +488,10 @@ void mutt_save_attachment_list (FILE *fp, int tag, BODY *top, HEADER *hdr, MUTTM
 	  int append = 0;
 
 	  strfcpy (buf, NONULL (top->filename), sizeof (buf));
+
+	  /* Remove any paths or bad characters */
+	  mutt_sanitize_filename (buf, 1);
+
 	  if (mutt_get_field (_("Save to file: "), buf, sizeof (buf),
 				    M_FILE | M_CLEAR) != 0 || !buf[0])
 	    return;
-- 
2.40.0