Steven Allen pointed out [2] that the previous scanner [1] was a little too simplistic. This version handles (or claims to) quoted strings in attributes, which can apparently contain '>'and '<' characters. This required generalizing the state machine runner a bit [3] to handle states with out-degree more than two. [1]: id:20170321131549.19557-1-david@tethera.net [2]: id:87wpbipl9z.fsf@tesseract.cs.unb.ca [3]: diff --git a/lib/index.cc b/lib/index.cc index 03223f7d..324e6e79 100644 --- a/lib/index.cc +++ b/lib/index.cc @@ -122,23 +122,25 @@ do_filter (const scanner_state_t states[], register const char *inptr = inbuf; const char *inend = inbuf + inlen; char *outptr; - int next; + int next, current; (void) prespace; g_mime_filter_set_size (gmime_filter, inlen, FALSE); outptr = gmime_filter->outbuf; + current = filter->state; while (inptr < inend) { - if (*inptr >= states[filter->state].a && - *inptr <= states[filter->state].b) - { - next = states[filter->state].next_if_match; - } - else - { - next = states[filter->state].next_if_not_match; - } + /* do "fake transitions" until we fire a rule, or run out of rules */ + do { + if (*inptr >= states[current].a && *inptr <= states[current].b) { + next = states[current].next_if_match; + } else { + next = states[current].next_if_not_match; + } + + current = next; + } while (next != states[next].state); if (filter->state < first_skipping_state) *outptr++ = *inptr; @@ -209,7 +211,11 @@ filter_filter_html (GMimeFilter *gmime_filter, char *inbuf, size_t inlen, size_t { static const scanner_state_t states[] = { {0, '<', '<', 1, 0}, + {1, '\'', '\'', 4, 2}, /* scanning for quote or > */ + {1, '"', '"', 5, 3}, {1, '>', '>', 0, 1}, + {4, '\'', '\'', 1, 4}, /* inside single quotes */ + {5, '"', '"', 1, 5}, /* inside double quotes */ }; do_filter(states, 1, gmime_filter, inbuf, inlen, prespace, outbuf, outlen, outprespace); diff --git a/test/T680-html-indexing.sh b/test/T680-html-indexing.sh index ee69209c..74f33708 100755 --- a/test/T680-html-indexing.sh +++ b/test/T680-html-indexing.sh @@ -8,4 +8,15 @@ test_begin_subtest 'embedded images should not be indexed' notmuch search kwpza7svrgjzqwi8fhb2msggwtxtwgqcxp4wbqr4wjddstqmeqa7 > OUTPUT test_expect_equal_file /dev/null OUTPUT +test_begin_subtest 'ignore > in attribute text' +notmuch search swordfish | notmuch_search_sanitize > OUTPUT +test_expect_equal_file /dev/null OUTPUT + +test_begin_subtest 'non tag text should be indexed' +notmuch search hunter2 | notmuch_search_sanitize > OUTPUT +cat <<EOF > EXPECTED +thread:XXX 2009-11-17 [1/1] David Bremner; test html attachment (inbox unread) +EOF +test_expect_equal_file EXPECTED OUTPUT + test_done diff --git a/test/corpora/html/attribute-text b/test/corpora/html/attribute-text new file mode 100644 index 00000000..6dae8194 --- /dev/null +++ b/test/corpora/html/attribute-text @@ -0,0 +1,15 @@ +From: David Bremner <david@example.net> +To: David Bremner <david@example.net> +Subject: test html attachment +Date: Tue, 17 Nov 2009 21:28:38 +0600 +Message-ID: <87d1dajhgf.fsf@example.net> +MIME-Version: 1.0 +Content-Type: text/html +Content-Disposition: inline; filename=test.html + +<html> + <body> + <input value="a>swordfish"> + </body> + hunter2 +</html>