From e84fafcec22e7b460db03248dc23ed6b053b15c9 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak
Date: Thu, 7 May 2015 08:45:19 +0200
Subject: [PATCH] Fix security issue in contact photo handling (#1490379)
---
 CHANGELOG | 1 +
 program/steps/addressbook/photo.inc | 5 -----
 2 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 2486a72e2..9014509aa 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -24,6 +24,7 @@ CHANGELOG Roundcube Webmail
 - Fix mouseup event handling when dragging a list record (#1490359)
 - Fix bug where preview_pane setting wasn't always saved into user preferences (#1490362)
 - Fix bug where messages count was not updated after message move/delete with skip_deleted=false (#1490372)
+- Fix security issue in contact photo handling (#1490379)
 
 RELEASE 1.1.1
 -------------
diff --git a/program/steps/addressbook/photo.inc b/program/steps/addressbook/photo.inc
index 962ca3126..0bc167e15 100644
--- a/program/steps/addressbook/photo.inc
+++ b/program/steps/addressbook/photo.inc
@@ -80,11 +80,6 @@ if (strlen($data) < 1024 && filter_var($data, FILTER_VALIDATE_URL)) {
 $RCMAIL->output->redirect($data);
 }
 
-// deliver alt image
-if (!$data && ($alt_img = rcube_utils::get_input_value('_alt', rcube_utils::INPUT_GPC)) && is_file($alt_img)) {
- $data = file_get_contents($alt_img);
-}
-
 // cache for one day if requested by email
 if (!$cid && $email) {
 $RCMAIL->output->future_expire_header(86400);