[PATCH 10/25] Sanitize "Subject:" and "Author:" fields to not contain control characters in notmuch-search

Subject: [PATCH 10/25] Sanitize "Subject:" and "Author:" fields to not contain control characters in notmuch-search

Date: Sat, 28 May 2011 14:51:45 -0700

To: Notmuch Mail

Cc: Andreas Amann

From: Jameson Graef Rollins

From: Andreas Amann <a.amann@ucc.ie>

When a Subject field contained encoded CRLF sequences, these sequences
would appear unfiltered in the output of notmuch search. This confused
the notmuch emacs interface leading to "Unexpected Output"
messages. This is now fixed by replacing all characters with ASCII
code less than 32 with a question mark.

Signed-off-by: Jameson Graef Rollins <jrollins@finestructure.net>
---
 notmuch-search.c |   22 ++++++++++++++++++++--
 1 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/notmuch-search.c b/notmuch-search.c
index 69af617..530cecc 100644
--- a/notmuch-search.c
+++ b/notmuch-search.c
@@ -111,6 +111,20 @@ format_item_id_text (unused (const void *ctx),
     printf ("%s%s", item_type, item_id);
 }
 
+static char *
+sanitize_string (const void *ctx, const char *str)
+{
+    char *out, *loop;
+
+    loop = out = talloc_strdup (ctx, str);
+
+    for (; *loop; loop++) {
+	if ((unsigned char)(*loop) < 32)
+	    *loop = '?';
+    }
+    return out;
+}
+
 static void
 format_thread_text (const void *ctx,
 		    const char *thread_id,
@@ -120,13 +134,17 @@ format_thread_text (const void *ctx,
 		    const char *authors,
 		    const char *subject)
 {
+    void *ctx_quote = talloc_new (ctx);
+
     printf ("thread:%s %12s [%d/%d] %s; %s",
 	    thread_id,
 	    notmuch_time_relative_date (ctx, date),
 	    matched,
 	    total,
-	    authors,
-	    subject);
+	    sanitize_string (ctx_quote, authors),
+	    sanitize_string (ctx_quote, subject));
+
+    talloc_free (ctx_quote);
 }
 
 static void
-- 
1.7.4.4

• Previous message (by thread): Re: tag sharing

Thread:

• Jameson Graef Rollins—release-candidate/0.6 redux [inbox, unread]
  • Jameson Graef Rollins—[PATCH 01/25] fix check for libdir in ldconfig paths [inbox, notmuch::obsolete, notmuch::patch, unread]
    • Jameson Graef Rollins—[PATCH 02/25] add note about updating the debian symbols file to the RELEASE file [inbox, notmuch::patch, notmuch::pushed, unread]
      • Jameson Graef Rollins—[PATCH 03/25] test: modify search-output test to use the new test_expect_equal_file function [inbox, unread]
        • Jameson Graef Rollins—[PATCH 04/25] test: move "Search for non-existent message prints nothing" to search-output, and add similar test for format=json [inbox, unread]
          • Jameson Graef Rollins—[PATCH 05/25] fix trailing newlines in notmuch search [inbox, unread]
            • Jameson Graef Rollins—[PATCH 06/25] test: move utf-8 subject search test from json to search test script [inbox, unread]
              • Jameson Graef Rollins—[PATCH 07/25] test: remove json test for search null result, since it's being more properly tested in search-output [inbox, unread]
                • Jameson Graef Rollins—[PATCH 08/25] create and set temporary home directory [inbox, unread]
                  • Jameson Graef Rollins—[PATCH 09/25] emacs: Define several faces for the crypto-status button [inbox, unread]
                    • Jameson Graef Rollins—[PATCH 10/25] Sanitize "Subject:" and "Author:" fields to not contain control characters in notmuch-search [inbox, unread]
                      • Jameson Graef Rollins—[PATCH 11/25] test: add test for sanitized notmuch-search output [inbox, unread]
                        • Jameson Graef Rollins—[PATCH 12/25] test: cleanup search-output test names (no functional change) [inbox, unread]
                          • Jameson Graef Rollins—[PATCH 13/25] emacs: Use "message-cited-text" instead of "message-cited-text-face" [inbox, unread]
                            • Jameson Graef Rollins—[PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, unread]
                              • Jameson Graef Rollins—[PATCH 15/25] Use message-field-value instead of message-fetch-field in FCC header setup. [inbox, unread]
                                • Jameson Graef Rollins—[PATCH 16/25] lib/message-file: plug three memleaks. [inbox, unread]
                                  • Jameson Graef Rollins—[PATCH 17/25] avoid segfault when calling sanitize_string() on NULL [inbox, unread]
                                    • Jameson Graef Rollins—[PATCH 18/25] Fix search output sanitization test. [inbox, unread]
                                      • Jameson Graef Rollins—[PATCH 19/25] emacs: fix notmuch-show-part-button to not include newline [inbox, unread]
                                        • Jameson Graef Rollins—[PATCH 20/25] emacs: Don't always prompt for the "From" address when replying [inbox, unread]
                                          • Jameson Graef Rollins—[PATCH 21/25] emacs: Cleaner interface when prompting for sender address [inbox, unread]
                                            • Jameson Graef Rollins—[PATCH 22/25] test: fix test_expect_equal_file test to copy instead of mv test files [inbox, unread]
                                              • Jameson Graef Rollins—[PATCH 23/25] test: update emacs test to use test_expect_equal_file [inbox, unread]
                                                • Jameson Graef Rollins—[PATCH 24/25] test: modify multipart test to use test_expect_equal_file [inbox, unread]
                                                  • Jameson Graef Rollins—[PATCH 25/25] Fix stdout stream grabbing in format_part_content_text [inbox, unread]
                                                    • Carl Worth—Re: [PATCH 25/25] Fix stdout stream grabbing in format_part_content_text [inbox, signed, unread]
                                                      • Jameson Graef Rollins—Re: [PATCH 25/25] Fix stdout stream grabbing in format_part_content_text [inbox, signed, unread]
                                                        • Carl Worth—Re: [PATCH 25/25] Fix stdout stream grabbing in format_part_content_text [inbox, signed, unread]
                                                          • Jameson Graef Rollins—Re: [PATCH 25/25] Fix stdout stream grabbing in format_part_content_text [inbox, signed, unread]
                                                      • Jameson Graef Rollins—Re: [PATCH 25/25] Fix stdout stream grabbing in format_part_content_text [inbox, signed, unread]
                                    • Carl Worth—Re: [PATCH 17/25] avoid segfault when calling sanitize_string() on NULL [inbox, signed, unread]
                              • Carl Worth—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, signed, unread]
                                • Dmitry Kurochkin—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, unread]
                                  • Carl Worth—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, signed, unread]
                                    • Dmitry Kurochkin—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, unread]
                                      • Carl Worth—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, signed, unread]
                                      • Carl Worth—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, signed, unread]
                                        • Dmitry Kurochkin—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, unread]
                                          • Carl Worth—Re: [PATCH 14/25] Fix old style notmuch-fcc-dirs configuration check. [inbox, signed, unread]
                • Carl Worth—Re: [PATCH 07/25] test: remove json test for search null result, since it's being more properly tested in search-output [inbox, signed, unread]
    • Carl Worth—Re: [PATCH 01/25] fix check for libdir in ldconfig paths [inbox, signed, unread]
      • Jameson Graef Rollins—Re: [PATCH 01/25] fix check for libdir in ldconfig paths [inbox, signed, unread]
  • Jameson Graef Rollins—Re: release-candidate/0.6 redux [inbox, signed, unread]
    • Austin Clements—Re: release-candidate/0.6 redux [inbox, unread]
    • Jameson Graef Rollins—Re: release-candidate/0.6 redux [inbox, signed, unread]
      • Carl Worth—Re: release-candidate/0.6 redux [inbox, signed, unread]
        • Jameson Graef Rollins—Re: release-candidate/0.6 redux [inbox, signed, unread]
          • Carl Worth—Re: release-candidate/0.6 redux [inbox, signed, unread]
            • Jameson Graef Rollins—tag sharing [was: Re: release-candidate/0.6 redux] [inbox, signed, unread]
              • Jesse Rosenthal—Re: tag sharing [was: Re: release-candidate/0.6 redux] [inbox, unread]
                • Jameson Graef Rollins—Re: tag sharing [was: Re: release-candidate/0.6 redux] [inbox, signed, unread]
                  • Jesse Rosenthal—Re: tag sharing [was: Re: release-candidate/0.6 redux] [inbox, unread]
                  • David Bremner—Re: tag sharing [inbox, unread]
                    • Jesse Rosenthal—Re: tag sharing [inbox, unread]
                      • David Bremner—Re: tag sharing [inbox, signed, unread]
                        • Jesse Rosenthal—Re: tag sharing [inbox, unread]
                          • David Bremner—Re: tag sharing [inbox, unread]
                            • Jesse Rosenthal—Re: tag sharing [inbox, unread]
                              • David Bremner—Re: tag sharing [inbox, unread]
                        • Jesse Rosenthal—Re: tag sharing [inbox, unread]
                          • Jesse Rosenthal—Re: tag sharing [inbox, unread]