mailinfo: More carefully parse header lines in read_one_header_line()
We exited prematurely from header parsing loop when the header field did not have a space after the colon but we insisted on it, and we got the check wrong because we forgot that we strip the trailing whitespace before we do the check. The space after the colon is not even required by RFC2822, so stop requiring it. While we are at it, the header line is specified to be more strict than "anything with a colon in it" (there must be one or more characters before the colon, and they must not be controls, SP or non US-ASCII), so implement that check as well, lest we mistakenly think something like: Bogus not a header line: this is not. as a header line. Signed-off-by: Junio C Hamano <junkio@cox.net>
This commit is contained in:
parent
2dec02b1ec
commit
ef29c11702
27
mailinfo.c
27
mailinfo.c
@ -382,19 +382,40 @@ static void check_header_line(char *line)
|
|||||||
check_header(line, header);
|
check_header(line, header);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int is_rfc2822_header(char *line)
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The section that defines the loosest possible
|
||||||
|
* field name is "3.6.8 Optional fields".
|
||||||
|
*
|
||||||
|
* optional-field = field-name ":" unstructured CRLF
|
||||||
|
* field-name = 1*ftext
|
||||||
|
* ftext = %d33-57 / %59-126
|
||||||
|
*/
|
||||||
|
int ch;
|
||||||
|
char *cp = line;
|
||||||
|
while ((ch = *cp++)) {
|
||||||
|
if (ch == ':')
|
||||||
|
return cp != line;
|
||||||
|
if ((33 <= ch && ch <= 57) ||
|
||||||
|
(59 <= ch && ch <= 126))
|
||||||
|
continue;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
static int read_one_header_line(char *line, int sz, FILE *in)
|
static int read_one_header_line(char *line, int sz, FILE *in)
|
||||||
{
|
{
|
||||||
int ofs = 0;
|
int ofs = 0;
|
||||||
while (ofs < sz) {
|
while (ofs < sz) {
|
||||||
const char *colon;
|
|
||||||
int peek, len;
|
int peek, len;
|
||||||
if (fgets(line + ofs, sz - ofs, in) == NULL)
|
if (fgets(line + ofs, sz - ofs, in) == NULL)
|
||||||
break;
|
break;
|
||||||
len = eatspace(line + ofs);
|
len = eatspace(line + ofs);
|
||||||
if (len == 0)
|
if (len == 0)
|
||||||
break;
|
break;
|
||||||
colon = strchr(line, ':');
|
if (!is_rfc2822_header(line)) {
|
||||||
if (!colon || !isspace(colon[1])) {
|
|
||||||
/* Re-add the newline */
|
/* Re-add the newline */
|
||||||
line[ofs + len] = '\n';
|
line[ofs + len] = '\n';
|
||||||
line[ofs + len + 1] = '\0';
|
line[ofs + len + 1] = '\0';
|
||||||
|
Loading…
Reference in New Issue
Block a user