[PATCH] send-email: add extra safetly in address sanitazion

Felipe Contreras <felipe.contreras@xxxxxxxxx> · Sat, 4 Feb 2012 18:32:42 +0200

Currently bad addresses like 'Foo Bar <foo@xxxxxxx>>' will just be sent
verbatim -- that's not good; we should either error out, or sanitize
them.

The following patch adds extra sanitazion so the following
transformations are performed:

  'Foo Bar <foo@xxxxxxx>' -> 'Foo Bar <foo@xxxxxxx>'
  '"Foo Bar" <foo@xxxxxxx>' -> '"Foo Bar" <foo@xxxxxxx>'
  'foo@xxxxxxx' -> 'foo@xxxxxxx'
  '<foo@xxxxxxx>' -> 'foo@xxxxxxx'
  'Foo Bar' -> 'Foo Bar'
  'Foo Bar <foo@xxxxxxx>>' -> 'Foo Bar <foo@xxxxxxx>'
  '"Foo Bar" <foo@xxxxxxx>>' -> '"Foo Bar" <foo@xxxxxxx>'
  '<foo@xxxxxxx>>' -> 'foo@xxxxxxx'

Basically, we try to check that the address is in the form of
"Name <email>", and if not, assume it's "email". According to commit
155197e[1], the "prhase" should not be empty, so if it is, remove the
<>. Extra characters after the first ">" are ignored.

[1] send-email: rfc822 forbids using <address@domain> without a non-empty "phrase"

Signed-off-by: Felipe Contreras <felipe.contreras@xxxxxxxxx>
---
 git-send-email.perl |   14 ++++++++++----
 1 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/git-send-email.perl b/git-send-email.perl
index ef30c55..19c600f 100755
--- a/git-send-email.perl
+++ b/git-send-email.perl
@@ -889,15 +889,21 @@ sub is_rfc2047_quoted {
 # use the simplest quoting being able to handle the recipient
 sub sanitize_address {
 	my ($recipient) = @_;
-	my ($recipient_name, $recipient_addr) = ($recipient =~ /^(.*?)\s*(<.*)/);
+	my ($recipient_name, $recipient_addr);
+
+	if ($recipient =~ /^(.*?)\s*<(.*?)>/) {
+		($recipient_name, $recipient_addr) = ($1, $2);
+	} else {
+		$recipient_addr = $recipient;
+	}
 
 	if (not $recipient_name) {
-		return $recipient;
+		return $recipient_addr;
 	}
 
 	# if recipient_name is already quoted, do nothing
 	if (is_rfc2047_quoted($recipient_name)) {
-		return $recipient;
+		return "$recipient_name <$recipient_addr>";
 	}
 
 	# rfc2047 is needed if a non-ascii char is included
@@ -912,7 +918,7 @@ sub sanitize_address {
 		$recipient_name = qq["$recipient_name"];
 	}
 
-	return "$recipient_name $recipient_addr";
+	return "$recipient_name <$recipient_addr>";
 
 }
 
-- 
1.7.9

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html





