From ae438ccd8c77831158c7c30f19710d798ee4a6b4 Mon Sep 17 00:00:00 2001
From: Aaron Ecay
Date: Fri, 3 Feb 2012 11:24:08 +0100
Subject: emacs: quote MML tags in replies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Emacs message-mode uses certain text strings to indicate how to attach files to outgoing mail. If these are present in the text of an email, and a user is tricked into replying to the message, the user’s files could be exposed.

Edited-by: Pieter Praet : Rebased to release branch.
---
 emacs/notmuch-mua.el | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'emacs')

diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el
index 7114e48a..3e93d7c8 100644
--- a/emacs/notmuch-mua.el
+++ b/emacs/notmuch-mua.el
@@ -111,7 +111,12 @@ list."
 (insert body))
 (set-buffer-modified-p nil)

- (message-goto-body))
+ (message-goto-body)
+ ;; Original message may contain (malicious) MML tags. We must
+ ;; properly quote them in the reply. Note that using `point-max'
+ ;; instead of `mark' here is wrong. The buffer may include user's
+ ;; signature which should not be MML-quoted.
+ (mml-quote-region (point) (point-max)))

 (defun notmuch-mua-forward-message ()
 (message-forward)
--
cgit v1.2.3
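Review bot: The added comment says that using `point-max' instead of `mark' is wrong, yet the call directly below it is `(mml-quote-region (point) (point-max))`, so the code does exactly what its own comment warns against. Quoting too much is the safe direction for the file-exposure problem the commit message describes, but any MML the user deliberately keeps in a signature would be quoted along with the cited text. Either bound the region at the end of the cited body, or mark the limitation explicitly, for example `;; FIXME: quoting up to point-max also quotes the user's signature; the end of the cited text is the right bound.` The enclosing function starts above the hunk, so where the signature is inserted relative to this call cannot be confirmed from the lines shown.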