Return-Path: X-Original-To: notmuch@notmuchmail.org Delivered-To: notmuch@notmuchmail.org Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id 1F2BA431FBC for ; Mon, 3 Feb 2014 13:21:17 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] autolearn=disabled Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y2tYR9iD5gVM for ; Mon, 3 Feb 2014 13:21:09 -0800 (PST) Received: from guru.guru-group.fi (guru.guru-group.fi [46.183.73.34]) by olra.theworths.org (Postfix) with ESMTP id 618DC431FAF for ; Mon, 3 Feb 2014 13:21:09 -0800 (PST) Received: from guru.guru-group.fi (localhost [IPv6:::1]) by guru.guru-group.fi (Postfix) with ESMTP id DED2E100033; Mon, 3 Feb 2014 23:21:03 +0200 (EET) From: Tomi Ollila To: David Bremner , notmuch@notmuchmail.org Subject: Re: sanitization of args notmuch-cli in notmuch-emacs In-Reply-To: References: <87wqhcxb5j.fsf@maritornes.cs.unb.ca> User-Agent: Notmuch/0.17+55~g4397960 (http://notmuchmail.org) Emacs/24.3.1 (x86_64-unknown-linux-gnu) X-Face: HhBM'cA~ MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Feb 2014 21:21:17 -0000 On Mon, Feb 03 2014, Tomi Ollila wrote: > On Mon, Feb 03 2014, David Bremner wrote: > >> Antoine Beaupr=C3=A9 found a bug when notmuch-saved-searches contains=20 >> newlines: >> >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D737496 >> >> We can remove newlines with something like >>=20=20=20=20=20=20=20=20=20=20=20 >> (mapcar (lambda (arg)=20 >> (replace-regexp-in-string "\n" " " arg)) >> args) >> >> I wonder if we should do some other sanitization at the same time? > > It took a while to reproduce... > > $ echo $'foo\nbar' | notmuch count --batch=20 > 665 > 631 > > $ echo $'foo\n and bar' | notmuch count --batch > 665 > A Xapian exception occurred: Syntax: AND > Query string was: and bar > 0 > > Therefore: (wrong-type-argument number-or-marker-p A) > > (I run non-byte-compiled version of (one-) notmuch.el and > got this as a backtrace: > > Debugger entered--Lisp error: (wrong-type-argument number-or-marker-p A) > >(A 0) > (or (plist-get options :show-empty-searches) (> message-count 0)) > ... > (notmuch-remove-if-not > ... > notmuch-hello-query-counts > ... > > simpler way to reproduce: > > $ notmuch count 'and bar' > A Xapian exception occurred: Syntax: AND > Query string was: and bar > 0 > > Maybe the cli should be fixed ? (and/or make emacs MUA resilient to > this kind of result) of yes, the notmuch count --batch gets borken with \n -- from one query there are 2 new count queries (and counts should be all wrong from that point on (if there were no Xapian exception)) We would not have noticed this (as easily) if the Xapian execption did not happen. So, whether (or not?) some fixing is done in CLI the batch query emacs sends needs to be sanitized exactly as David suggested above. > >> >> d >> > > Tomi Tomi