From 3f2050ac221a4c940c12442f156f12fff11600c6 Mon Sep 17 00:00:00 2001 From: Aaron Ecay Date: Fri, 3 Feb 2012 11:24:07 +0100 Subject: test: add tests for quoting of MML tags in replies The test is broken at this time; the next commit will introduce a fix. Edited-by: Pieter Praet : Rebased to release branch, moved expected output into the actual test, and fixed "Fcc:" line. --- test/emacs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'test') diff --git a/test/emacs b/test/emacs index f36718e7..db8e4ad8 100755 --- a/test/emacs +++ b/test/emacs @@ -273,6 +273,27 @@ On 01 Jan 2000 12:00:00 -0000, Notmuch Test Suite w EOF test_expect_equal_file OUTPUT EXPECTED +test_begin_subtest "Quote MML tags in reply" +test_subtest_known_broken +message_id='test-emacs-mml-quoting@message.id' +add_message [id]="$message_id" \ + "[subject]='$test_subtest_name'" \ + '[body]="<#part disposition=inline>"' +test_emacs "(notmuch-show \"id:$message_id\") + (notmuch-show-reply) + (test-output)" +cat <EXPECTED +From: Notmuch Test Suite +To: +Subject: Re: Quote MML tags in reply +In-Reply-To: +Fcc: ${MAIL_DIR}/sent +--text follows this line-- +On Tue, 05 Jan 2001 15:43:57 -0000, Notmuch Test Suite wrote: +> <#!part disposition=inline> +EOF +test_expect_equal_file OUTPUT EXPECTED + test_begin_subtest "Save attachment from within emacs using notmuch-show-save-attachments" # save as archive to test that Emacs does not re-compress .gz test_emacs '(let ((standard-input "\"attachment1.gz\"")) -- cgit v1.2.3 From ae438ccd8c77831158c7c30f19710d798ee4a6b4 Mon Sep 17 00:00:00 2001 From: Aaron Ecay Date: Fri, 3 Feb 2012 11:24:08 +0100 Subject: emacs: quote MML tags in replies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Emacs message-mode uses certain text strings to indicate how to attach files to outgoing mail. If these are present in the text of an email, and a user is tricked into replying to the message, the user’s files could be exposed. Edited-by: Pieter Praet : Rebased to release branch. --- NEWS | 11 +++++++++++ emacs/notmuch-mua.el | 7 ++++++- test/emacs | 1 - 3 files changed, 17 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/NEWS b/NEWS index 3d2c2a84..a089e679 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,17 @@ Fix error handling in python bindings. exceptions to indicate the error condition. Any subsequent calls into libnotmuch caused segmentation faults. +Quote MML tags in replies + + MML tags are text codes that Emacs uses to indicate attachments + (among other things) in messages being composed. The Emacs + interface did not quote MML tags in the quoted text of a reply. + User could be tricked into replying to a maliciously formatted + message and not editing out the MML tags from the quoted text. This + could lead to files from the user's machine being attached to the + outgoing message. The Emacs interface now quotes these tags in + reply text, so that they do not effect outgoing messages. + Notmuch 0.11 (2012-01-13) ========================= diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index 7114e48a..3e93d7c8 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -111,7 +111,12 @@ list." (insert body)) (set-buffer-modified-p nil) - (message-goto-body)) + (message-goto-body) + ;; Original message may contain (malicious) MML tags. We must + ;; properly quote them in the reply. Note that using `point-max' + ;; instead of `mark' here is wrong. The buffer may include user's + ;; signature which should not be MML-quoted. + (mml-quote-region (point) (point-max))) (defun notmuch-mua-forward-message () (message-forward) diff --git a/test/emacs b/test/emacs index db8e4ad8..2d066ed4 100755 --- a/test/emacs +++ b/test/emacs @@ -274,7 +274,6 @@ EOF test_expect_equal_file OUTPUT EXPECTED test_begin_subtest "Quote MML tags in reply" -test_subtest_known_broken message_id='test-emacs-mml-quoting@message.id' add_message [id]="$message_id" \ "[subject]='$test_subtest_name'" \ -- cgit v1.2.3