mailinfo: don't decode invalid =XY quoted-printable sequences
[gitweb.git] / mailinfo.c
index e19abe3cb93e24aed8848cadec8ddf8a8767f303..5a597ef89ca6f8cfc0affe0ec3659d663f680b4b 100644 (file)
@@ -54,6 +54,86 @@ static void parse_bogus_from(struct mailinfo *mi, const struct strbuf *line)
        get_sane_name(&mi->name, &mi->name, &mi->email);
 }
 
+static const char *unquote_comment(struct strbuf *outbuf, const char *in)
+{
+       int c;
+       int take_next_litterally = 0;
+
+       strbuf_addch(outbuf, '(');
+
+       while ((c = *in++) != 0) {
+               if (take_next_litterally == 1) {
+                       take_next_litterally = 0;
+               } else {
+                       switch (c) {
+                       case '\\':
+                               take_next_litterally = 1;
+                               continue;
+                       case '(':
+                               in = unquote_comment(outbuf, in);
+                               continue;
+                       case ')':
+                               strbuf_addch(outbuf, ')');
+                               return in;
+                       }
+               }
+
+               strbuf_addch(outbuf, c);
+       }
+
+       return in;
+}
+
+static const char *unquote_quoted_string(struct strbuf *outbuf, const char *in)
+{
+       int c;
+       int take_next_litterally = 0;
+
+       while ((c = *in++) != 0) {
+               if (take_next_litterally == 1) {
+                       take_next_litterally = 0;
+               } else {
+                       switch (c) {
+                       case '\\':
+                               take_next_litterally = 1;
+                               continue;
+                       case '"':
+                               return in;
+                       }
+               }
+
+               strbuf_addch(outbuf, c);
+       }
+
+       return in;
+}
+
+static void unquote_quoted_pair(struct strbuf *line)
+{
+       struct strbuf outbuf;
+       const char *in = line->buf;
+       int c;
+
+       strbuf_init(&outbuf, line->len);
+
+       while ((c = *in++) != 0) {
+               switch (c) {
+               case '"':
+                       in = unquote_quoted_string(&outbuf, in);
+                       continue;
+               case '(':
+                       in = unquote_comment(&outbuf, in);
+                       continue;
+               }
+
+               strbuf_addch(&outbuf, c);
+       }
+
+       strbuf_swap(&outbuf, line);
+       strbuf_release(&outbuf);
+
+}
+
 static void handle_from(struct mailinfo *mi, const struct strbuf *from)
 {
        char *at;
@@ -63,6 +143,8 @@ static void handle_from(struct mailinfo *mi, const struct strbuf *from)
        strbuf_init(&f, from->len);
        strbuf_addbuf(&f, from);
 
+       unquote_quoted_pair(&f);
+
        at = strchr(f.buf, '@');
        if (!at) {
                parse_bogus_from(mi, from);
@@ -285,11 +367,16 @@ static struct strbuf *decode_q_segment(const struct strbuf *q_seg, int rfc2047)
 
        while ((c = *in++) != 0) {
                if (c == '=') {
-                       int d = *in++;
+                       int ch, d = *in;
                        if (d == '\n' || !d)
                                break; /* drop trailing newline */
-                       strbuf_addch(out, (hexval(d) << 4) | hexval(*in++));
-                       continue;
+                       ch = hex2chr(in);
+                       if (ch >= 0) {
+                               strbuf_addch(out, ch);
+                               in += 2;
+                               continue;
+                       }
+                       /* garbage -- fall through */
                }
                if (rfc2047 && c == '_') /* rfc2047 4.2 (2) */
                        c = 0x20;