[PATCH 1/6] emacs: Sanitize authors and subjects in search and show

diff --git a/c7/0dfb1d5ac8810f0668c020a701865567762cdc b/c7/0dfb1d5ac8810f0668c020a701865567762cdc
new file mode 100644 (file)
index 0000000..44d4462
--- /dev/null
+++ b/c7/0dfb1d5ac8810f0668c020a701865567762cdc
@@ -0,0 +1,152 @@
+Return-Path: <jani@nikula.org>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+       by olra.theworths.org (Postfix) with ESMTP id 4881B431FBF\r
+       for <notmuch@notmuchmail.org>; Wed, 16 Oct 2013 12:00:25 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
+X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References"\r
+X-Spam-Flag: NO\r
+X-Spam-Score: -0.7\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5\r
+       tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled\r
+Received: from olra.theworths.org ([127.0.0.1])\r
+       by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
+       with ESMTP id V068ZgqOylfY for <notmuch@notmuchmail.org>;\r
+       Wed, 16 Oct 2013 12:00:19 -0700 (PDT)\r
+Received: from mail-ee0-f52.google.com (mail-ee0-f52.google.com\r
+ [74.125.83.52])       (using TLSv1 with cipher RC4-SHA (128/128 bits))        (No client\r
+ certificate requested)        by olra.theworths.org (Postfix) with ESMTPS id\r
+ 768A6431FB6   for <notmuch@notmuchmail.org>; Wed, 16 Oct 2013 12:00:19 -0700\r
+ (PDT)\r
+Received: by mail-ee0-f52.google.com with SMTP id c41so585987eek.11\r
+       for <notmuch@notmuchmail.org>; Wed, 16 Oct 2013 12:00:18 -0700 (PDT)\r
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r
+       d=1e100.net; s=20130820;\r
+       h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to\r
+       :references:in-reply-to:references;\r
+       bh=T53yQrOXHwZ4CKZLvq8kwsItjeBdoKIAWRNL8vQR/E4=;\r
+       b=RXH8dEL6w89EpAevLCAX4cyfHYhKmyawju5NPbrQpx6WkYth5/AeFUuChATje8Rip/\r
+       dYGwj0IhIMs0aJUvyEkauMkvmq8l30DmYtMoHZANRuYPJrh6oqWLh+JFYHzkEzeHJ4Nq\r
+       M8N8cCKjatSwY+dlVFisv8tGfbS7huHtcOP+RudVNMDBXoGrbFmnzeU0LkUrVi0KfrJW\r
+       tVAP3DoYMr21oz/BqLfp5mOMT3idRQ0l+Ay94LHq7CARNOnCLf4V2URf+lYvcvl6j6mh\r
+       DgX0F3JhYqIWgjI060FkqNyAljU5vIcnbdf7RpcQiMln/dpKIoJwZa8tGZqTS76gbfyr\r
+       Uewg==\r
+X-Gm-Message-State:\r
+ ALoCoQm2Zzi1QUoXVCQRrCO2GsikqoWk+0it3yB80zRoCoFDILzOZTefIr1MkvG2e7zZWkLm/bQU\r
+X-Received: by 10.15.61.73 with SMTP id h49mr6822542eex.57.1381950018350;\r
+       Wed, 16 Oct 2013 12:00:18 -0700 (PDT)\r
+Received: from localhost (dsl-hkibrasgw2-58c36f-91.dhcp.inet.fi.\r
+       [88.195.111.91])\r
+       by mx.google.com with ESMTPSA id 48sm21233018eeq.4.1969.12.31.16.00.00\r
+       (version=TLSv1.2 cipher=RC4-SHA bits=128/128);\r
+       Wed, 16 Oct 2013 12:00:17 -0700 (PDT)\r
+From: Jani Nikula <jani@nikula.org>\r
+To: notmuch@notmuchmail.org\r
+Subject: [PATCH 1/6] emacs: Sanitize authors and subjects in search and show\r
+Date: Wed, 16 Oct 2013 22:00:08 +0300\r
+Message-Id:\r
+ <8a1cf0f31f31b7f7be8a7458a5cbf0cc3ead6ac0.1381948853.git.jani@nikula.org>\r
+X-Mailer: git-send-email 1.8.4.rc3\r
+In-Reply-To: <cover.1381948853.git.jani@nikula.org>\r
+References: <cover.1381948853.git.jani@nikula.org>\r
+In-Reply-To: <cover.1381948853.git.jani@nikula.org>\r
+References: <cover.1381948853.git.jani@nikula.org>\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.13\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+       <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Wed, 16 Oct 2013 19:00:25 -0000\r
+\r
+From: Austin Clements <amdragon@MIT.EDU>\r
+\r
+Authors and subjects can contain embedded, encoded control characters\r
+like "\n" and "\t" that mess up display.  Transform control characters\r
+into spaces everywhere we display them in search and show.\r
+---\r
+ emacs/notmuch-lib.el  | 6 ++++++\r
+ emacs/notmuch-show.el | 7 ++++---\r
+ emacs/notmuch.el      | 6 ++++--\r
+ 3 files changed, 14 insertions(+), 5 deletions(-)\r
+\r
+diff --git a/emacs/notmuch-lib.el b/emacs/notmuch-lib.el\r
+index 58f3313..6541282 100644\r
+--- a/emacs/notmuch-lib.el\r
++++ b/emacs/notmuch-lib.el\r
+@@ -243,6 +243,12 @@ depending on the value of `notmuch-poll-script'."\r
+       "[No Subject]"\r
+       subject)))\r
+ \r
++(defun notmuch-sanitize (str)\r
++  "Sanitize control character in STR.\r
++\r
++This includes newlines, tabs, and other funny characters."\r
++  (replace-regexp-in-string "[[:cntrl:]\x7f\u2028\u2029]+" " " str))\r
++\r
+ (defun notmuch-escape-boolean-term (term)\r
+   "Escape a boolean term for use in a query.\r
+ \r
+diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el\r
+index 7325792..fa11d98 100644\r
+--- a/emacs/notmuch-show.el\r
++++ b/emacs/notmuch-show.el\r
+@@ -407,7 +407,8 @@ unchanged ADDRESS if parsing fails."\r
+ message at DEPTH in the current thread."\r
+   (let ((start (point)))\r
+     (insert (notmuch-show-spaces-n (* notmuch-show-indent-messages-width depth))\r
+-          (notmuch-show-clean-address (plist-get headers :From))\r
++          (notmuch-sanitize\r
++           (notmuch-show-clean-address (plist-get headers :From)))\r
+           " ("\r
+           date\r
+           ") ("\r
+@@ -417,7 +418,7 @@ message at DEPTH in the current thread."\r
+ \r
+ (defun notmuch-show-insert-header (header header-value)\r
+   "Insert a single header."\r
+-  (insert header ": " header-value "\n"))\r
++  (insert header ": " (notmuch-sanitize header-value) "\n"))\r
+ \r
+ (defun notmuch-show-insert-headers (headers)\r
+   "Insert the headers of the current message."\r
+@@ -1154,7 +1155,7 @@ function is used."\r
+       (jit-lock-register #'notmuch-show-buttonise-links)\r
+ \r
+       ;; Set the header line to the subject of the first message.\r
+-      (setq header-line-format (notmuch-show-strip-re (notmuch-show-get-subject)))\r
++      (setq header-line-format (notmuch-sanitize (notmuch-show-strip-re (notmuch-show-get-subject))))\r
+ \r
+       (run-hooks 'notmuch-show-hook))))\r
+ \r
+diff --git a/emacs/notmuch.el b/emacs/notmuch.el\r
+index c47c6b5..44cd2fd 100644\r
+--- a/emacs/notmuch.el\r
++++ b/emacs/notmuch.el\r
+@@ -791,11 +791,13 @@ non-authors is found, assume that all of the authors match."\r
+                                       (plist-get result :total)))\r
+                       'face 'notmuch-search-count)))\r
+    ((string-equal field "subject")\r
+-    (insert (propertize (format format-string (plist-get result :subject))\r
++    (insert (propertize (format format-string\r
++                              (notmuch-sanitize (plist-get result :subject)))\r
+                       'face 'notmuch-search-subject)))\r
+ \r
+    ((string-equal field "authors")\r
+-    (notmuch-search-insert-authors format-string (plist-get result :authors)))\r
++    (notmuch-search-insert-authors\r
++     format-string (notmuch-sanitize (plist-get result :authors))))\r
+ \r
+    ((string-equal field "tags")\r
+     (let ((tags (plist-get result :tags)))\r
+-- \r
+1.8.4.rc3\r
+\r