[PATCH 4/9] cli/config: check syntax of user configured field names

Subject: [PATCH 4/9] cli/config: check syntax of user configured field names

Date: Sun, 28 Apr 2019 20:10:44 -0300

To: David Bremner, notmuch@notmuchmail.org

Cc:

From: David Bremner


These restrictions are meant to prevent incompatibilities with the
Xapian query parser (which will split at non-word characters) and
clashes with future notmuch builtin fields.
---
 notmuch-config.c         | 41 +++++++++++++++++++++++++++++++++++++++-
 test/T750-user-header.sh | 30 +++++++++++++++++++++++++++++
 2 files changed, 70 insertions(+), 1 deletion(-)

diff --git a/notmuch-config.c b/notmuch-config.c
index 519fb27d..07b4c26f 100644
--- a/notmuch-config.c
+++ b/notmuch-config.c
@@ -24,6 +24,8 @@
 #include <netdb.h>
 #include <assert.h>
 
+#include "unicode-util.h"
+
 static const char toplevel_config_comment[] =
     " .notmuch-config - Configuration file for the notmuch mail system\n"
     "\n"
@@ -819,6 +821,43 @@ _item_split (char *item, char **group, char **key)
     return 0;
 }
 
+/* These are more properly called Xapian fields, but the user facing
+   docs call them prefixes, so make the error message match */
+static bool
+validate_field_name (const char *str)
+{
+    const char *key;
+
+    if (! g_utf8_validate (str, -1, NULL)) {
+	fprintf (stderr, "Invalid utf8: %s\n", str);
+	return false;
+    }
+
+    key = g_utf8_strrchr (str, -1, '.');
+    if (! key ) {
+	INTERNAL_ERROR ("Impossible code path on input: %s\n", str);
+    }
+
+    key++;
+
+    if (! *key) {
+	fprintf (stderr, "Empty prefix name: %s\n", str);
+	return false;
+    }
+
+    if (! unicode_word_utf8 (key)) {
+	fprintf (stderr, "Non-word character in prefix name: %s\n", key);
+	return false;
+    }
+
+    if (key[0] >= 'a' && key[0] <= 'z') {
+	fprintf (stderr, "Prefix names starting with lower case letters are reserved: %s\n", key);
+	return false;
+    }
+
+    return true;
+}
+
 #define BUILT_WITH_PREFIX "built_with."
 
 typedef struct config_key {
@@ -831,7 +870,7 @@ typedef struct config_key {
 static struct config_key
 config_key_table[] = {
     {"index.decrypt",	true,	false,	NULL},
-    {"index.header.",	true,	true,	NULL},
+    {"index.header.",	true,	true,	validate_field_name},
     {"query.",		true,	true,	NULL},
 };
 
diff --git a/test/T750-user-header.sh b/test/T750-user-header.sh
index 75fb1635..b97b00b6 100755
--- a/test/T750-user-header.sh
+++ b/test/T750-user-header.sh
@@ -15,6 +15,36 @@ notmuch search '*' | notmuch_search_sanitize > initial-threads
 notmuch search --output=messages '*' > initial-message-ids
 notmuch dump > initial-dump
 
+test_begin_subtest "adding illegal prefix name, bad utf8"
+notmuch config set index.header.$'\xFF' "List-Id" 2>&1 | sed 's/:.*$//' >OUTPUT
+cat <<EOF > EXPECTED
+Invalid utf8
+EOF
+test_expect_equal_file EXPECTED OUTPUT
+
+test_begin_subtest "adding illegal prefix name, reserved for notmuch"
+notmuch config set index.header.list "List-Id" 2>OUTPUT
+cat <<EOF > EXPECTED
+Prefix names starting with lower case letters are reserved: list
+EOF
+test_expect_equal_file EXPECTED OUTPUT
+
+test_begin_subtest "adding illegal prefix name, non-word character."
+notmuch config set index.header.l:st "List-Id" 2>OUTPUT
+cat <<EOF > EXPECTED
+Non-word character in prefix name: l:st
+EOF
+test_expect_equal_file EXPECTED OUTPUT
+
+test_begin_subtest "adding empty prefix name."
+notmuch config set index.header. "List-Id" 2>OUTPUT
+Non-word character in prefix name: l:st
+cat <<EOF > EXPECTED
+Empty prefix name: index.header.
+EOF
+test_expect_equal_file EXPECTED OUTPUT
+
+
 test_begin_subtest "adding user header"
 test_expect_code 0 "notmuch config set index.header.List \"List-Id\""
 
-- 
2.20.1

_______________________________________________
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Thread: