Re: [PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
"Michael S. Tsirkin" writes:
> Yes, I think so too. So - what do you suggest?
> Add a test?
> Add a comment?
> more?
Nothing major comes to my mind at this moment.
I guess it would be good to add a test or two to use "A U. Thor"
example with and without end-user added quotes, but that can be done
as a follow-up patch on top of this series (i.e. [PATCH 7/6]).
Thanks.
>> > git-send-email.perl | 18 +++---
>> > 1 file changed, 11 insertions(+), 7 deletions(-)
>> >
>> > diff --git a/git-send-email.perl b/git-send-email.perl
>> > index a138615..92df393 100755
>> > --- a/git-send-email.perl
>> > +++ b/git-send-email.perl
>> > @@ -760,6 +760,8 @@ if (!defined $sender) {
>> >$sender = $repoauthor || $repocommitter || '';
>> > }
>> >
>> > +$sender = sanitize_address($sender);
>> > +
>> > my $prompting = 0;
>> > if (!@initial_to && !defined $to_cmd) {
>> >my $to = ask("Who should the emails be sent to (if any)? ",
>> > @@ -1113,10 +1115,9 @@ sub send_message {
>> >if ($cc ne '') {
>> >$ccline = "\nCc: $cc";
>> >}
>> > - my $sanitized_sender = sanitize_address($sender);
>> >make_message_id() unless defined($message_id);
>> >
>> > - my $header = "From: $sanitized_sender
>> > + my $header = "From: $sender
>> > To: $to${ccline}
>> > Subject: $subject
>> > Date: $date
>> > @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion
>> >}
>> >
>> >my @sendmail_parameters = ('-i', @recipients);
>> > - my $raw_from = $sanitized_sender;
>> > + my $raw_from = $sender;
>> >if (defined $envelope_sender && $envelope_sender ne "auto") {
>> >$raw_from = $envelope_sender;
>> >}
>> > @@ -1308,8 +1309,9 @@ foreach my $t (@files) {
>> >}
>> >elsif (/^From:\s+(.*)$/i) {
>> >($author, $author_encoding) =
>> > unquote_rfc2047($1);
>> > + my $sauthor = sanitize_address($author);
>> >next if $suppress_cc{'author'};
>> > - next if $suppress_cc{'self'} and $author eq
>> > $sender;
>> > + next if $suppress_cc{'self'} and $sauthor eq
>> > $sender;
>> >printf("(mbox) Adding cc: %s from line '%s'\n",
>> >$1, $_) unless $quiet;
>> >push @cc, $1;
>> > @@ -1323,7 +1325,9 @@ foreach my $t (@files) {
>> >}
>> >elsif (/^Cc:\s+(.*)$/i) {
>> >foreach my $addr (parse_address_line($1)) {
>> > - if (unquote_rfc2047($addr) eq $sender) {
>> > + my $qaddr = unquote_rfc2047($addr);
>> > + my $saddr = sanitize_address($qaddr);
>> > + if ($saddr eq $sender) {
>> >next if ($suppress_cc{'self'});
>> >} else {
>> >next if ($suppress_cc{'cc'});
>> > @@ -1370,7 +1374,8 @@ foreach my $t (@files) {
>> >chomp;
>> >my ($what, $c) = ($1, $2);
>> >chomp $c;
>> > - if ($c eq $sender) {
>> > + my $sc = sanitize_address($c);
>> > + if ($sc eq $sender) {
>> >next if ($suppress_cc{'self'});
>> >} else {
>> >next if $suppress_cc{'sob'} and $what =~
>> > /Signed-off-by/i;
>> > @@ -1454,7 +1459,6 @@ foreach my $t (@files) {
>> > sub recipients_cmd {
>> >my ($prefix, $what, $cmd, $file) = @_;
>> >
>> > - my $sanitized_sender = sanitize_address($sender);
>> >my @addresses = ();
>> >open my $fh, "-|", "$cmd \Q$file\E"
>> >or die "($prefix) Could not execute '$cmd'";
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
On Mon, Jun 03, 2013 at 09:17:21AM -0700, Junio C Hamano wrote:
> "Michael S. Tsirkin" writes:
>
> > --suppress-cc=self fails to filter sender address in many cases where it
> > needs to be sanitized in some way, for example quoted:
> > "A U. Thor"
> > To fix, make send-email sanitize both sender and the address it is
> > compared against.
> >
> > Signed-off-by: Michael S. Tsirkin
> > ---
>
> OK, so you are getting rid of distinctions between sanitized_sender
> and sender, and $sender is now defined to be always "sanitized"
> form.
>
> That change makes things consistent with respect to the question I
> had on [2/6].
>
> I however wondered how this would affect those who have configured
> "sendemail.from" with an already "sanitized" address. That is, you
> may have used:
>
> [sendemail]
> from = "Michael S. Tsirkin"
>
> with the older and current versions of Git. I _think_ the safetly
> of this change relies on that it is a no-op to run sanitize_address
> on an already sanitized address (i.e. feeding the above example
> sendemail.from to sanitize_address gives back the same string),
> which holds true for all practical purposes, but it is a bit subtle.
Yes, I think so too. So - what do you suggest?
Add a test?
Add a comment?
more?
> > git-send-email.perl | 18 +++---
> > 1 file changed, 11 insertions(+), 7 deletions(-)
> >
> > diff --git a/git-send-email.perl b/git-send-email.perl
> > index a138615..92df393 100755
> > --- a/git-send-email.perl
> > +++ b/git-send-email.perl
> > @@ -760,6 +760,8 @@ if (!defined $sender) {
> > $sender = $repoauthor || $repocommitter || '';
> > }
> >
> > +$sender = sanitize_address($sender);
> > +
> > my $prompting = 0;
> > if (!@initial_to && !defined $to_cmd) {
> > my $to = ask("Who should the emails be sent to (if any)? ",
> > @@ -1113,10 +1115,9 @@ sub send_message {
> > if ($cc ne '') {
> > $ccline = "\nCc: $cc";
> > }
> > - my $sanitized_sender = sanitize_address($sender);
> > make_message_id() unless defined($message_id);
> >
> > - my $header = "From: $sanitized_sender
> > + my $header = "From: $sender
> > To: $to${ccline}
> > Subject: $subject
> > Date: $date
> > @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion
> > }
> >
> > my @sendmail_parameters = ('-i', @recipients);
> > - my $raw_from = $sanitized_sender;
> > + my $raw_from = $sender;
> > if (defined $envelope_sender && $envelope_sender ne "auto") {
> > $raw_from = $envelope_sender;
> > }
> > @@ -1308,8 +1309,9 @@ foreach my $t (@files) {
> > }
> > elsif (/^From:\s+(.*)$/i) {
> > ($author, $author_encoding) =
> > unquote_rfc2047($1);
> > + my $sauthor = sanitize_address($author);
> > next if $suppress_cc{'author'};
> > - next if $suppress_cc{'self'} and $author eq
> > $sender;
> > + next if $suppress_cc{'self'} and $sauthor eq
> > $sender;
> > printf("(mbox) Adding cc: %s from line '%s'\n",
> > $1, $_) unless $quiet;
> > push @cc, $1;
> > @@ -1323,7 +1325,9 @@ foreach my $t (@files) {
> > }
> > elsif (/^Cc:\s+(.*)$/i) {
> > foreach my $addr (parse_address_line($1)) {
> > - if (unquote_rfc2047($addr) eq $sender) {
> > + my $qaddr = unquote_rfc2047($addr);
> > + my $saddr = sanitize_address($qaddr);
> > + if ($saddr eq $sender) {
> > next if ($suppress_cc{'self'});
> > } else {
> > next if ($suppress_cc{'cc'});
> > @@ -1370,7 +1374,8 @@ foreach my $t (@files) {
> > chomp;
> > my ($what, $c) = ($1, $2);
> > chomp $c;
> > - if ($c eq $sender) {
> > + my $sc = sanitize_address($c);
> > + if ($sc eq $sender) {
> > next if ($suppress_cc{'self'});
> > } else {
> > next if $suppress_cc{'sob'} and $what =~
> > /Signed-off-by/i;
> > @@ -1454,7 +1459,6 @@ foreach my $t (@files) {
> > sub recipients_cmd {
> > my ($prefix, $what, $cmd, $file) = @_;
> >
> > - my $sanitized_sender = sanitize_address($sender);
> > my @addresses = ();
> > open my $fh, "-|", "$cmd \Q$file\E"
> > or die "($prefix) Could not execute '$cmd'";
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.
Re: [PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
"Michael S. Tsirkin" writes:
> --suppress-cc=self fails to filter sender address in many cases where it
> needs to be sanitized in some way, for example quoted:
> "A U. Thor"
> To fix, make send-email sanitize both sender and the address it is
> compared against.
>
> Signed-off-by: Michael S. Tsirkin
> ---
OK, so you are getting rid of distinctions between sanitized_sender
and sender, and $sender is now defined to be always "sanitized"
form.
That change makes things consistent with respect to the question I
had on [2/6].
I however wondered how this would affect those who have configured
"sendemail.from" with an already "sanitized" address. That is, you
may have used:
[sendemail]
from = "Michael S. Tsirkin"
with the older and current versions of Git. I _think_ the safetly
of this change relies on that it is a no-op to run sanitize_address
on an already sanitized address (i.e. feeding the above example
sendemail.from to sanitize_address gives back the same string),
which holds true for all practical purposes, but it is a bit subtle.
> git-send-email.perl | 18 +++---
> 1 file changed, 11 insertions(+), 7 deletions(-)
>
> diff --git a/git-send-email.perl b/git-send-email.perl
> index a138615..92df393 100755
> --- a/git-send-email.perl
> +++ b/git-send-email.perl
> @@ -760,6 +760,8 @@ if (!defined $sender) {
> $sender = $repoauthor || $repocommitter || '';
> }
>
> +$sender = sanitize_address($sender);
> +
> my $prompting = 0;
> if (!@initial_to && !defined $to_cmd) {
> my $to = ask("Who should the emails be sent to (if any)? ",
> @@ -1113,10 +1115,9 @@ sub send_message {
> if ($cc ne '') {
> $ccline = "\nCc: $cc";
> }
> - my $sanitized_sender = sanitize_address($sender);
> make_message_id() unless defined($message_id);
>
> - my $header = "From: $sanitized_sender
> + my $header = "From: $sender
> To: $to${ccline}
> Subject: $subject
> Date: $date
> @@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion
> }
>
> my @sendmail_parameters = ('-i', @recipients);
> - my $raw_from = $sanitized_sender;
> + my $raw_from = $sender;
> if (defined $envelope_sender && $envelope_sender ne "auto") {
> $raw_from = $envelope_sender;
> }
> @@ -1308,8 +1309,9 @@ foreach my $t (@files) {
> }
> elsif (/^From:\s+(.*)$/i) {
> ($author, $author_encoding) =
> unquote_rfc2047($1);
> + my $sauthor = sanitize_address($author);
> next if $suppress_cc{'author'};
> - next if $suppress_cc{'self'} and $author eq
> $sender;
> + next if $suppress_cc{'self'} and $sauthor eq
> $sender;
> printf("(mbox) Adding cc: %s from line '%s'\n",
> $1, $_) unless $quiet;
> push @cc, $1;
> @@ -1323,7 +1325,9 @@ foreach my $t (@files) {
> }
> elsif (/^Cc:\s+(.*)$/i) {
> foreach my $addr (parse_address_line($1)) {
> - if (unquote_rfc2047($addr) eq $sender) {
> + my $qaddr = unquote_rfc2047($addr);
> + my $saddr = sanitize_address($qaddr);
> + if ($saddr eq $sender) {
> next if ($suppress_cc{'self'});
> } else {
> next if ($suppress_cc{'cc'});
> @@ -1370,7 +1374,8 @@ foreach my $t (@files) {
> chomp;
> my ($what, $c) = ($1, $2);
> chomp $c;
> - if ($c eq $sender) {
> + my $sc = sanitize_address($c);
> + if ($sc eq $sender) {
> next if ($suppress_cc{'self'});
> } else {
> next if $suppress_cc{'sob'} and $what =~
> /Signed-off-by/i;
> @@ -1454,7 +1459,6 @@ foreach my $t (@files) {
> sub recipients_cmd {
> my ($prefix, $what, $cmd, $file) = @_;
>
> - my $sanitized_sender = sanitize_address($sender);
> my @addresses = ();
> open my $fh, "-|", "$cmd \Q$file\E"
> or die "($prefix) Could not execute '$cmd'";
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 4/6] send-email: make --suppress-cc=self sanitize input
--suppress-cc=self fails to filter sender address in many cases where it
needs to be sanitized in some way, for example quoted:
"A U. Thor"
To fix, make send-email sanitize both sender and the address it is
compared against.
Signed-off-by: Michael S. Tsirkin
---
git-send-email.perl | 18 +++---
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/git-send-email.perl b/git-send-email.perl
index a138615..92df393 100755
--- a/git-send-email.perl
+++ b/git-send-email.perl
@@ -760,6 +760,8 @@ if (!defined $sender) {
$sender = $repoauthor || $repocommitter || '';
}
+$sender = sanitize_address($sender);
+
my $prompting = 0;
if (!@initial_to && !defined $to_cmd) {
my $to = ask("Who should the emails be sent to (if any)? ",
@@ -1113,10 +1115,9 @@ sub send_message {
if ($cc ne '') {
$ccline = "\nCc: $cc";
}
- my $sanitized_sender = sanitize_address($sender);
make_message_id() unless defined($message_id);
- my $header = "From: $sanitized_sender
+ my $header = "From: $sender
To: $to${ccline}
Subject: $subject
Date: $date
@@ -1133,7 +1134,7 @@ X-Mailer: git-send-email $gitversion
}
my @sendmail_parameters = ('-i', @recipients);
- my $raw_from = $sanitized_sender;
+ my $raw_from = $sender;
if (defined $envelope_sender && $envelope_sender ne "auto") {
$raw_from = $envelope_sender;
}
@@ -1308,8 +1309,9 @@ foreach my $t (@files) {
}
elsif (/^From:\s+(.*)$/i) {
($author, $author_encoding) =
unquote_rfc2047($1);
+ my $sauthor = sanitize_address($author);
next if $suppress_cc{'author'};
- next if $suppress_cc{'self'} and $author eq
$sender;
+ next if $suppress_cc{'self'} and $sauthor eq
$sender;
printf("(mbox) Adding cc: %s from line '%s'\n",
$1, $_) unless $quiet;
push @cc, $1;
@@ -1323,7 +1325,9 @@ foreach my $t (@files) {
}
elsif (/^Cc:\s+(.*)$/i) {
foreach my $addr (parse_address_line($1)) {
- if (unquote_rfc2047($addr) eq $sender) {
+ my $qaddr = unquote_rfc2047($addr);
+ my $saddr = sanitize_address($qaddr);
+ if ($saddr eq $sender) {
next if ($suppress_cc{'self'});
} else {
next if ($suppress_cc{'cc'});
@@ -1370,7 +1374,8 @@ foreach my $t (@files) {
chomp;
my ($what, $c) = ($1, $2);
chomp $c;
- if ($c eq $sender) {
+ my $sc = sanitize_address($c);
+ if ($sc eq $sender) {
next if ($suppress_cc{'self'});
} else {
next if $suppress_cc{'sob'} and $what =~
/Signed-off-by/i;
@@ -1454,7 +1459,6 @@ foreach my $t (@files) {
sub recipients_cmd {
my ($prefix, $what, $cmd, $file) = @_;
- my $sanitized_sender = sanitize_address($sender);
my @addresses = ();
open my $fh, "-|", "$cmd \Q$file\E"
or die "($prefix) Could not execute '$cmd'";
--
MST
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
