On Fri, May 20, 2022 at 05:56:58PM +1000, raf wrote:
+#define SHELL_NON_SPACE_META_CHARACTERS "|&;()<>[]{}$`'~\"\\*?" + if (Sendmail[strcspn(Sendmail, SHELL_NON_SPACE_META_CHARACTERS)] != '\0') + { + mutt_error(_("$sendmail cannot contain shell meta-characters.")); + return -1; + }
Also, taking a closer look at the patch.* strcspn() matches an initial prefix. You might want to use strpbrk() instead.
* stylistically I don't think you should #define something used just once right above the usage. If the "why these chars" is unclear, just add a comment above the block, but I think in this case the mutt_error() string makes it clear what the check is about.
-- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature