From 2a9b1922500d5d79275b5184d5db7f6d286482f0 Mon Sep 17 00:00:00 2001
From: shixuantong
Date: Fri, 20 May 2022 21:35:36 +0800
Subject: [PATCH] fix CVE-2015-20107
---
 Lib/mailcap.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/Lib/mailcap.py b/Lib/mailcap.py
index ae416a8e9fb273..06d22af2b7a819 100644
--- a/Lib/mailcap.py
+++ b/Lib/mailcap.py
@@ -2,6 +2,7 @@
 import os
 import warnings
+from shlex import quote
 __all__ = ["getcaps","findmatch"]
@@ -203,8 +204,6 @@ def subst(field, MIMEtype, filename, plist=[]):
 c = field[i]; i = i+1
 if c == '%':
 res = res + c
- elif c == 's':
- res = res + filename
 elif c == 't':
 res = res + MIMEtype
 elif c == '{':
@@ -219,6 +218,9 @@ def subst(field, MIMEtype, filename, plist=[]):
 # %F == list of alternating type and filename for parts
 else:
 res = res + '%' + c
+ res = res.replace("'%s'" , quote(filename))
+ res = res.replace('"%s"' , quote(filename))
+ res = res.replace('%s' , quote(filename))
 return res
 def findparam(name, plist):
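Review bot: The three chained `res.replace(...)` calls added before `return res` each rescan text that the previous call already inserted, so a filename that itself contains `%s` is substituted again inside its own quoted form and the nested quotes undo the escaping. Because they run on the fully expanded string, a `%s` that did not come from the placeholder (for example one left by `%%s`) is also rewritten, and `%t` is still appended unquoted (`res = res + MIMEtype` in the previous hunk); the `%{...}` branch is only partly visible but appears to do the same. A single pass removes the rescan, e.g. `res = re.sub(r"'%s'|\"%s\"|%s", lambda m: quote(filename), res)` with `import re` next to the shlex import. A `%s` embedded in a longer quoted string such as `"x %s y"` would still be quoted incorrectly, so rejecting filenames, MIME types and parameter values outside a safe character set before substitution is likely the more robust fix. The body of `subst` starts above this hunk, so the backslash handling was not reviewed.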