Re: [PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
"Michael S. Tsirkin" writes: > Yes, I think so too. So - what do you suggest? > Add a test? > Add a comment? > more? Nothing major comes to my mind at this moment. I guess it would be good to add a test or two to use "A U. Thor" example with and without end-user added quotes, but that can be done as a follow-up patch on top of this series (i.e. [PATCH 7/6]). Thanks. >> > git-send-email.perl | 18 +++--- >> > 1 file changed, 11 insertions(+), 7 deletions(-) >> > >> > diff --git a/git-send-email.perl b/git-send-email.perl >> > index a138615..92df393 100755 >> > --- a/git-send-email.perl >> > +++ b/git-send-email.perl >> > @@ -760,6 +760,8 @@ if (!defined $sender) { >> >$sender = $repoauthor || $repocommitter || ''; >> > } >> > >> > +$sender = sanitize_address($sender); >> > + >> > my $prompting = 0; >> > if (!@initial_to && !defined $to_cmd) { >> >my $to = ask("Who should the emails be sent to (if any)? ", >> > @@ -1113,10 +1115,9 @@ sub send_message { >> >if ($cc ne '') { >> >$ccline = "\nCc: $cc"; >> >} >> > - my $sanitized_sender = sanitize_address($sender); >> >make_message_id() unless defined($message_id); >> > >> > - my $header = "From: $sanitized_sender >> > + my $header = "From: $sender >> > To: $to${ccline} >> > Subject: $subject >> > Date: $date >> > @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion >> >} >> > >> >my @sendmail_parameters = ('-i', @recipients); >> > - my $raw_from = $sanitized_sender; >> > + my $raw_from = $sender; >> >if (defined $envelope_sender && $envelope_sender ne "auto") { >> >$raw_from = $envelope_sender; >> >} >> > @@ -1308,8 +1309,9 @@ foreach my $t (@files) { >> >} >> >elsif (/^From:\s+(.*)$/i) { >> >($author, $author_encoding) = >> > unquote_rfc2047($1); >> > + my $sauthor = sanitize_address($author); >> >next if $suppress_cc{'author'}; >> > - next if $suppress_cc{'self'} and $author eq >> > $sender; >> > + next if $suppress_cc{'self'} and $sauthor eq >> > $sender; >> >printf("(mbox) Adding cc: %s from line '%s'\n", >> >$1, $_) unless $quiet; >> >push @cc, $1; >> > @@ -1323,7 +1325,9 @@ foreach my $t (@files) { >> >} >> >elsif (/^Cc:\s+(.*)$/i) { >> >foreach my $addr (parse_address_line($1)) { >> > - if (unquote_rfc2047($addr) eq $sender) { >> > + my $qaddr = unquote_rfc2047($addr); >> > + my $saddr = sanitize_address($qaddr); >> > + if ($saddr eq $sender) { >> >next if ($suppress_cc{'self'}); >> >} else { >> >next if ($suppress_cc{'cc'}); >> > @@ -1370,7 +1374,8 @@ foreach my $t (@files) { >> >chomp; >> >my ($what, $c) = ($1, $2); >> >chomp $c; >> > - if ($c eq $sender) { >> > + my $sc = sanitize_address($c); >> > + if ($sc eq $sender) { >> >next if ($suppress_cc{'self'}); >> >} else { >> >next if $suppress_cc{'sob'} and $what =~ >> > /Signed-off-by/i; >> > @@ -1454,7 +1459,6 @@ foreach my $t (@files) { >> > sub recipients_cmd { >> >my ($prefix, $what, $cmd, $file) = @_; >> > >> > - my $sanitized_sender = sanitize_address($sender); >> >my @addresses = (); >> >open my $fh, "-|", "$cmd \Q$file\E" >> >or die "($prefix) Could not execute '$cmd'"; -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
On Mon, Jun 03, 2013 at 09:17:21AM -0700, Junio C Hamano wrote: > "Michael S. Tsirkin" writes: > > > --suppress-cc=self fails to filter sender address in many cases where it > > needs to be sanitized in some way, for example quoted: > > "A U. Thor" > > To fix, make send-email sanitize both sender and the address it is > > compared against. > > > > Signed-off-by: Michael S. Tsirkin > > --- > > OK, so you are getting rid of distinctions between sanitized_sender > and sender, and $sender is now defined to be always "sanitized" > form. > > That change makes things consistent with respect to the question I > had on [2/6]. > > I however wondered how this would affect those who have configured > "sendemail.from" with an already "sanitized" address. That is, you > may have used: > > [sendemail] > from = "Michael S. Tsirkin" > > with the older and current versions of Git. I _think_ the safetly > of this change relies on that it is a no-op to run sanitize_address > on an already sanitized address (i.e. feeding the above example > sendemail.from to sanitize_address gives back the same string), > which holds true for all practical purposes, but it is a bit subtle. Yes, I think so too. So - what do you suggest? Add a test? Add a comment? more? > > git-send-email.perl | 18 +++--- > > 1 file changed, 11 insertions(+), 7 deletions(-) > > > > diff --git a/git-send-email.perl b/git-send-email.perl > > index a138615..92df393 100755 > > --- a/git-send-email.perl > > +++ b/git-send-email.perl > > @@ -760,6 +760,8 @@ if (!defined $sender) { > > $sender = $repoauthor || $repocommitter || ''; > > } > > > > +$sender = sanitize_address($sender); > > + > > my $prompting = 0; > > if (!@initial_to && !defined $to_cmd) { > > my $to = ask("Who should the emails be sent to (if any)? ", > > @@ -1113,10 +1115,9 @@ sub send_message { > > if ($cc ne '') { > > $ccline = "\nCc: $cc"; > > } > > - my $sanitized_sender = sanitize_address($sender); > > make_message_id() unless defined($message_id); > > > > - my $header = "From: $sanitized_sender > > + my $header = "From: $sender > > To: $to${ccline} > > Subject: $subject > > Date: $date > > @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion > > } > > > > my @sendmail_parameters = ('-i', @recipients); > > - my $raw_from = $sanitized_sender; > > + my $raw_from = $sender; > > if (defined $envelope_sender && $envelope_sender ne "auto") { > > $raw_from = $envelope_sender; > > } > > @@ -1308,8 +1309,9 @@ foreach my $t (@files) { > > } > > elsif (/^From:\s+(.*)$/i) { > > ($author, $author_encoding) = > > unquote_rfc2047($1); > > + my $sauthor = sanitize_address($author); > > next if $suppress_cc{'author'}; > > - next if $suppress_cc{'self'} and $author eq > > $sender; > > + next if $suppress_cc{'self'} and $sauthor eq > > $sender; > > printf("(mbox) Adding cc: %s from line '%s'\n", > > $1, $_) unless $quiet; > > push @cc, $1; > > @@ -1323,7 +1325,9 @@ foreach my $t (@files) { > > } > > elsif (/^Cc:\s+(.*)$/i) { > > foreach my $addr (parse_address_line($1)) { > > - if (unquote_rfc2047($addr) eq $sender) { > > + my $qaddr = unquote_rfc2047($addr); > > + my $saddr = sanitize_address($qaddr); > > + if ($saddr eq $sender) { > > next if ($suppress_cc{'self'}); > > } else { > > next if ($suppress_cc{'cc'}); > > @@ -1370,7 +1374,8 @@ foreach my $t (@files) { > > chomp; > > my ($what, $c) = ($1, $2); > > chomp $c; > > - if ($c eq $sender) { > > + my $sc = sanitize_address($c); > > + if ($sc eq $sender) { > > next if ($suppress_cc{'self'}); > > } else { > > next if $suppress_cc{'sob'} and $what =~ > > /Signed-off-by/i; > > @@ -1454,7 +1459,6 @@ foreach my $t (@files) { > > sub recipients_cmd { > > my ($prefix, $what, $cmd, $file) = @_; > > > > - my $sanitized_sender = sanitize_address($sender); > > my @addresses = (); > > open my $fh, "-|", "$cmd \Q$file\E" > > or die "($prefix) Could not execute '$cmd'"; -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.
Re: [PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
"Michael S. Tsirkin" writes: > --suppress-cc=self fails to filter sender address in many cases where it > needs to be sanitized in some way, for example quoted: > "A U. Thor" > To fix, make send-email sanitize both sender and the address it is > compared against. > > Signed-off-by: Michael S. Tsirkin > --- OK, so you are getting rid of distinctions between sanitized_sender and sender, and $sender is now defined to be always "sanitized" form. That change makes things consistent with respect to the question I had on [2/6]. I however wondered how this would affect those who have configured "sendemail.from" with an already "sanitized" address. That is, you may have used: [sendemail] from = "Michael S. Tsirkin" with the older and current versions of Git. I _think_ the safetly of this change relies on that it is a no-op to run sanitize_address on an already sanitized address (i.e. feeding the above example sendemail.from to sanitize_address gives back the same string), which holds true for all practical purposes, but it is a bit subtle. > git-send-email.perl | 18 +++--- > 1 file changed, 11 insertions(+), 7 deletions(-) > > diff --git a/git-send-email.perl b/git-send-email.perl > index a138615..92df393 100755 > --- a/git-send-email.perl > +++ b/git-send-email.perl > @@ -760,6 +760,8 @@ if (!defined $sender) { > $sender = $repoauthor || $repocommitter || ''; > } > > +$sender = sanitize_address($sender); > + > my $prompting = 0; > if (!@initial_to && !defined $to_cmd) { > my $to = ask("Who should the emails be sent to (if any)? ", > @@ -1113,10 +1115,9 @@ sub send_message { > if ($cc ne '') { > $ccline = "\nCc: $cc"; > } > - my $sanitized_sender = sanitize_address($sender); > make_message_id() unless defined($message_id); > > - my $header = "From: $sanitized_sender > + my $header = "From: $sender > To: $to${ccline} > Subject: $subject > Date: $date > @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion > } > > my @sendmail_parameters = ('-i', @recipients); > - my $raw_from = $sanitized_sender; > + my $raw_from = $sender; > if (defined $envelope_sender && $envelope_sender ne "auto") { > $raw_from = $envelope_sender; > } > @@ -1308,8 +1309,9 @@ foreach my $t (@files) { > } > elsif (/^From:\s+(.*)$/i) { > ($author, $author_encoding) = > unquote_rfc2047($1); > + my $sauthor = sanitize_address($author); > next if $suppress_cc{'author'}; > - next if $suppress_cc{'self'} and $author eq > $sender; > + next if $suppress_cc{'self'} and $sauthor eq > $sender; > printf("(mbox) Adding cc: %s from line '%s'\n", > $1, $_) unless $quiet; > push @cc, $1; > @@ -1323,7 +1325,9 @@ foreach my $t (@files) { > } > elsif (/^Cc:\s+(.*)$/i) { > foreach my $addr (parse_address_line($1)) { > - if (unquote_rfc2047($addr) eq $sender) { > + my $qaddr = unquote_rfc2047($addr); > + my $saddr = sanitize_address($qaddr); > + if ($saddr eq $sender) { > next if ($suppress_cc{'self'}); > } else { > next if ($suppress_cc{'cc'}); > @@ -1370,7 +1374,8 @@ foreach my $t (@files) { > chomp; > my ($what, $c) = ($1, $2); > chomp $c; > - if ($c eq $sender) { > + my $sc = sanitize_address($c); > + if ($sc eq $sender) { > next if ($suppress_cc{'self'}); > } else { > next if $suppress_cc{'sob'} and $what =~ > /Signed-off-by/i; > @@ -1454,7 +1459,6 @@ foreach my $t (@files) { > sub recipients_cmd { > my ($prefix, $what, $cmd, $file) = @_; > > - my $sanitized_sender = sanitize_address($sender); > my @addresses = (); > open my $fh, "-|", "$cmd \Q$file\E" > or die "($prefix) Could not execute '$cmd'"; -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
--suppress-cc=self fails to filter sender address in many cases where it needs to be sanitized in some way, for example quoted: "A U. Thor" To fix, make send-email sanitize both sender and the address it is compared against. Signed-off-by: Michael S. Tsirkin --- git-send-email.perl | 18 +++--- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/git-send-email.perl b/git-send-email.perl index a138615..92df393 100755 --- a/git-send-email.perl +++ b/git-send-email.perl @@ -760,6 +760,8 @@ if (!defined $sender) { $sender = $repoauthor || $repocommitter || ''; } +$sender = sanitize_address($sender); + my $prompting = 0; if (!@initial_to && !defined $to_cmd) { my $to = ask("Who should the emails be sent to (if any)? ", @@ -1113,10 +1115,9 @@ sub send_message { if ($cc ne '') { $ccline = "\nCc: $cc"; } - my $sanitized_sender = sanitize_address($sender); make_message_id() unless defined($message_id); - my $header = "From: $sanitized_sender + my $header = "From: $sender To: $to${ccline} Subject: $subject Date: $date @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion } my @sendmail_parameters = ('-i', @recipients); - my $raw_from = $sanitized_sender; + my $raw_from = $sender; if (defined $envelope_sender && $envelope_sender ne "auto") { $raw_from = $envelope_sender; } @@ -1308,8 +1309,9 @@ foreach my $t (@files) { } elsif (/^From:\s+(.*)$/i) { ($author, $author_encoding) = unquote_rfc2047($1); + my $sauthor = sanitize_address($author); next if $suppress_cc{'author'}; - next if $suppress_cc{'self'} and $author eq $sender; + next if $suppress_cc{'self'} and $sauthor eq $sender; printf("(mbox) Adding cc: %s from line '%s'\n", $1, $_) unless $quiet; push @cc, $1; @@ -1323,7 +1325,9 @@ foreach my $t (@files) { } elsif (/^Cc:\s+(.*)$/i) { foreach my $addr (parse_address_line($1)) { - if (unquote_rfc2047($addr) eq $sender) { + my $qaddr = unquote_rfc2047($addr); + my $saddr = sanitize_address($qaddr); + if ($saddr eq $sender) { next if ($suppress_cc{'self'}); } else { next if ($suppress_cc{'cc'}); @@ -1370,7 +1374,8 @@ foreach my $t (@files) { chomp; my ($what, $c) = ($1, $2); chomp $c; - if ($c eq $sender) { + my $sc = sanitize_address($c); + if ($sc eq $sender) { next if ($suppress_cc{'self'}); } else { next if $suppress_cc{'sob'} and $what =~ /Signed-off-by/i; @@ -1454,7 +1459,6 @@ foreach my $t (@files) { sub recipients_cmd { my ($prefix, $what, $cmd, $file) = @_; - my $sanitized_sender = sanitize_address($sender); my @addresses = (); open my $fh, "-|", "$cmd \Q$file\E" or die "($prefix) Could not execute '$cmd'"; -- MST -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html