From 38030377813a6709601e3e26af6652e15398f8f0 Mon Sep 17 00:00:00 2001 From: Tomi Ollila Date: Mon, 3 Feb 2014 23:21:03 +0200 Subject: [PATCH] Re: sanitization of args notmuch-cli in notmuch-emacs --- 37/a32312664dec64b31db0fec97acb2d4803b9d5 | 124 ++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 37/a32312664dec64b31db0fec97acb2d4803b9d5 diff --git a/37/a32312664dec64b31db0fec97acb2d4803b9d5 b/37/a32312664dec64b31db0fec97acb2d4803b9d5 new file mode 100644 index 000000000..8b817355c --- /dev/null +++ b/37/a32312664dec64b31db0fec97acb2d4803b9d5 @@ -0,0 +1,124 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id 1F2BA431FBC + for ; Mon, 3 Feb 2014 13:21:17 -0800 (PST) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: 0 +X-Spam-Level: +X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] + autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id y2tYR9iD5gVM for ; + Mon, 3 Feb 2014 13:21:09 -0800 (PST) +Received: from guru.guru-group.fi (guru.guru-group.fi [46.183.73.34]) + by olra.theworths.org (Postfix) with ESMTP id 618DC431FAF + for ; Mon, 3 Feb 2014 13:21:09 -0800 (PST) +Received: from guru.guru-group.fi (localhost [IPv6:::1]) + by guru.guru-group.fi (Postfix) with ESMTP id DED2E100033; + Mon, 3 Feb 2014 23:21:03 +0200 (EET) +From: Tomi Ollila +To: David Bremner , notmuch@notmuchmail.org +Subject: Re: sanitization of args notmuch-cli in notmuch-emacs +In-Reply-To: +References: <87wqhcxb5j.fsf@maritornes.cs.unb.ca> + +User-Agent: Notmuch/0.17+55~g4397960 (http://notmuchmail.org) Emacs/24.3.1 + (x86_64-unknown-linux-gnu) +X-Face: HhBM'cA~ +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf-8 +Content-Transfer-Encoding: quoted-printable +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Mon, 03 Feb 2014 21:21:17 -0000 + +On Mon, Feb 03 2014, Tomi Ollila wrote: + +> On Mon, Feb 03 2014, David Bremner wrote: +> +>> Antoine Beaupr=C3=A9 found a bug when notmuch-saved-searches contains=20 +>> newlines: +>> +>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D737496 +>> +>> We can remove newlines with something like +>>=20=20=20=20=20=20=20=20=20=20=20 +>> (mapcar (lambda (arg)=20 +>> (replace-regexp-in-string "\n" " " arg)) +>> args) +>> +>> I wonder if we should do some other sanitization at the same time? +> +> It took a while to reproduce... +> +> $ echo $'foo\nbar' | notmuch count --batch=20 +> 665 +> 631 +> +> $ echo $'foo\n and bar' | notmuch count --batch +> 665 +> A Xapian exception occurred: Syntax: AND +> Query string was: and bar +> 0 +> +> Therefore: (wrong-type-argument number-or-marker-p A) +> +> (I run non-byte-compiled version of (one-) notmuch.el and +> got this as a backtrace: +> +> Debugger entered--Lisp error: (wrong-type-argument number-or-marker-p A) +> >(A 0) +> (or (plist-get options :show-empty-searches) (> message-count 0)) +> ... +> (notmuch-remove-if-not +> ... +> notmuch-hello-query-counts +> ... +> +> simpler way to reproduce: +> +> $ notmuch count 'and bar' +> A Xapian exception occurred: Syntax: AND +> Query string was: and bar +> 0 +> +> Maybe the cli should be fixed ? (and/or make emacs MUA resilient to +> this kind of result) + +of yes, the notmuch count --batch gets borken with \n -- from one +query there are 2 new count queries (and counts should be all wrong +from that point on (if there were no Xapian exception)) + +We would not have noticed this (as easily) if the Xapian execption did not +happen. + +So, whether (or not?) some fixing is done in CLI the batch query emacs +sends needs to be sanitized exactly as David suggested above. + +> +>> +>> d +>> +> +> Tomi + +Tomi + -- 2.26.2