From patchwork Mon Apr 20 23:54:34 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=
 <congdanhqx@gmail.com>
X-Patchwork-Id: 11500081
Return-Path: <SRS0=xG8z=6E=vger.kernel.org=git-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B0AD61667
	for <patchwork-git@patchwork.kernel.org>;
 Mon, 20 Apr 2020 23:55:02 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 99B322082E
	for <patchwork-git@patchwork.kernel.org>;
 Mon, 20 Apr 2020 23:55:02 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="g/GQBns5"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726445AbgDTXzB (ORCPT
        <rfc822;patchwork-git@patchwork.kernel.org>);
        Mon, 20 Apr 2020 19:55:01 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54158 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL)
        by vger.kernel.org with ESMTP id S1725988AbgDTXzB (ORCPT
        <rfc822;git@vger.kernel.org>); Mon, 20 Apr 2020 19:55:01 -0400
Received: from mail-pl1-x643.google.com (mail-pl1-x643.google.com
 [IPv6:2607:f8b0:4864:20::643])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3CE2FC061A0E
        for <git@vger.kernel.org>; Mon, 20 Apr 2020 16:55:01 -0700 (PDT)
Received: by mail-pl1-x643.google.com with SMTP id z6so4556854plk.10
        for <git@vger.kernel.org>; Mon, 20 Apr 2020 16:55:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=u7i9JEcHGbBDQq5uZ2gh7RUXZ1tzWS0caOTUlX5WiNI=;
        b=g/GQBns5yB0cFJ4+xnxX+2dmfgGzqxazpQYwvqUVkeyG8R82WHE7eAfsuxPQvI2jEt
         Z6lZfaic1XBX9pnglT7DM5s9wUJBqe2MTs+4MwQuqsuE7EcOKgdPZ2QKUJFiazHhczmY
         1pQ+ze4pxmymFePkrk6e8XcdUXf6ChfG1iFUPtMDcBleBeu6xeCWwvTu2B0tIcze8U3T
         bw4t7u1eqo95GDfxcqF+MWeCCG1rCqz/l7tb9xOprq/hN/jGuTe5rjOQDPkGedc++SvL
         5NSM7t3hBrPJTbvEKSn4ahKKbLhLh2uU23uLAYOl72OahyFkFOt7Pz9FHTRvx+KYjZlH
         PTHA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=u7i9JEcHGbBDQq5uZ2gh7RUXZ1tzWS0caOTUlX5WiNI=;
        b=OcJbAtSmMXC0PZ/WPkUmL0zhoMVjf36kX8x3eHdBP6Srq4Bs0+1jJlqM+kcTW8NthO
         I9FtTBYyblL2jMVeVzogMGtrcsTT8TzkkPmiRMIEVT3WxqRkdeStSXjyjwNzJGqWUrSP
         UF0rbzatThVHUjtmTNJ5G6vZueJs/l4SarlIm2eiB15Cukx5z6bp36lv+sIjQGqw09xI
         tzaaSNB/03oJgWOAFggLH2tyXR0c7Ns5lP7Z6FWg/BmsOHCPgnDF5pEgOqU5OiaR+zya
         b3vx7DBP3XJxA5M2LoTtFSQhcgZMjBhsrj9leSqGS6FtXoI7rP93vYVFA+RXUy4zp1AZ
         Md4w==
X-Gm-Message-State: AGi0PuZCWm9gM1horVxz+AQvOtdz1gCmzybH3ym3q1ZjleJj0n3bqk+2
        nqiCBxAr5wOojamY9SAjskbKFr5Y
X-Google-Smtp-Source: 
 APiQypJhvF6lcdaGu9UjHCvmiwp8Xnd2AeCgt34oJOPSsEKWE04z/8G6k8Y/6hv6VkUhkzeW60srig==
X-Received: by 2002:a17:90a:1ae9:: with SMTP id
 p96mr2168130pjp.75.1587426900125;
        Mon, 20 Apr 2020 16:55:00 -0700 (PDT)
Received: from localhost.localdomain
 ([2402:800:6374:f359:effc:5180:3a91:1887])
        by smtp.gmail.com with ESMTPSA id
 g14sm609248pfh.49.2020.04.20.16.54.58
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 20 Apr 2020 16:54:59 -0700 (PDT)
From: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=  <congdanhqx@gmail.com>
To: git@vger.kernel.org
Cc: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=  <congdanhqx@gmail.com>
Subject: [PATCH v3 1/3] t4254: merge 2 steps of a single test
Date: Tue, 21 Apr 2020 06:54:34 +0700
Message-Id: 
 <d1bc31e692d08d73bc577f737b0190e163440ee9.1587426713.git.congdanhqx@gmail.com>
X-Mailer: git-send-email 2.26.1.301.g55bc3eb7cb
In-Reply-To: <cover.1587426713.git.congdanhqx@gmail.com>
References: <20200418035449.9450-1-congdanhqx@gmail.com>
 <cover.1587426713.git.congdanhqx@gmail.com>
MIME-Version: 1.0
Sender: git-owner@vger.kernel.org
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

While we are at it, make sure we run a clean up after testing.
In a later patch, we will test for more corrupted patch.

Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
---
 t/t4254-am-corrupt.sh | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/t/t4254-am-corrupt.sh b/t/t4254-am-corrupt.sh
index fd3bdbfe2c..ddd35498db 100755
--- a/t/t4254-am-corrupt.sh
+++ b/t/t4254-am-corrupt.sh
@@ -25,10 +25,8 @@ test_expect_success setup '
 #   fatal: unable to write file '(null)' mode 100644: Bad address
 # Also, it had the unwanted side-effect of deleting f.
 test_expect_success 'try to apply corrupted patch' '
-	test_must_fail git -c advice.amWorkDir=false am bad-patch.diff 2>actual
-'
-
-test_expect_success 'compare diagnostic; ensure file is still here' '
+	test_when_finished "git am --abort" &&
+	test_must_fail git -c advice.amWorkDir=false am bad-patch.diff 2>actual &&
 	echo "error: git diff header lacks filename information (line 4)" >expected &&
 	test_path_is_file f &&
 	test_i18ncmp expected actual

From patchwork Mon Apr 20 23:54:35 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=
 <congdanhqx@gmail.com>
X-Patchwork-Id: 11500085
Return-Path: <SRS0=xG8z=6E=vger.kernel.org=git-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5B20E15AB
	for <patchwork-git@patchwork.kernel.org>;
 Mon, 20 Apr 2020 23:55:05 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 4407D2082E
	for <patchwork-git@patchwork.kernel.org>;
 Mon, 20 Apr 2020 23:55:05 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="n4GOXQYa"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726606AbgDTXzE (ORCPT
        <rfc822;patchwork-git@patchwork.kernel.org>);
        Mon, 20 Apr 2020 19:55:04 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54160 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL)
        by vger.kernel.org with ESMTP id S1725988AbgDTXzD (ORCPT
        <rfc822;git@vger.kernel.org>); Mon, 20 Apr 2020 19:55:03 -0400
Received: from mail-pg1-x544.google.com (mail-pg1-x544.google.com
 [IPv6:2607:f8b0:4864:20::544])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 90896C061A0E
        for <git@vger.kernel.org>; Mon, 20 Apr 2020 16:55:02 -0700 (PDT)
Received: by mail-pg1-x544.google.com with SMTP id o10so2662092pgb.6
        for <git@vger.kernel.org>; Mon, 20 Apr 2020 16:55:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=KqtItZC+XixwTYcTckqk84K5rYg4Z4qSVRZCTYhA3fU=;
        b=n4GOXQYaoMg11rubuNRi39UHEhHfT+H2nf9CpdInXyRqgNgVQ/m5B+Qpk7T19lerWv
         vLXlqBpzzMxEH/5okdctit72gbg306Ni/vUyuco8ufzohz9/g9vaxXp6lUp+pWk3qjr5
         3CzP8w+oTPafxgj8HZjeRIpYWDiOyNBCMBkoFvPl/oN9a0jodbWdS1r8MR10Eo4INipC
         KglIjo9/H2EVODt/oNcgYjiAJjD7QlJH/OBl+vKJD5OY+taM94keq7Fh9Ui7z3cKkzse
         +XqjgB+AeeWXs1XcPp5idZJE+CtlTYVw0ofeh6TwchpVhnkoFSNje31N6gRvYAI4NQbL
         +/JQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=KqtItZC+XixwTYcTckqk84K5rYg4Z4qSVRZCTYhA3fU=;
        b=OD8aRa7ZYPjbf0e1tSLKuI2gVxzaU27a+kwK6c0ECAyDZfvcX7B86hLnvnQLKEjnmj
         p7uxvla1qxtl3XRAiV4dqlBCeETEc6V1JoA+fStIqb3DhM2DBmlC2ntqUsdSdZaE923A
         CPS8iOWz+pxM8fHo2gjmqcOyuqa5Q0KQrQXl9EF6lMlZ2nOq8R1LSC48clnC2Wczh1Lk
         lKi86pV0h5vJDj5pjv2fEEUIVWb3FzM/T0/tGCbgW95K3931x12icAuYebIhOrHSONbQ
         72n/+F1Rg8lCtRvZaOXkjYL+pm24DAejWUBA1JwH2gkYJ4ChbJ90TM3V3AdPAocWbJr4
         QRJA==
X-Gm-Message-State: AGi0PubP/bvzO0iEk3byxyTiJpxxcyv5E8+HaMLxoASY/zGWSPaUXu/G
        r8K7n8PYOlbFgLU5joCY3aAyV2XW
X-Google-Smtp-Source: 
 APiQypIOHmS3phrcbyXkXm01Nwtth8PporldYIlx7tq5oWDuvHxo2g45BsYmRkQIxiSfsxnytUirtg==
X-Received: by 2002:a65:62c7:: with SMTP id m7mr18129308pgv.16.1587426901776;
        Mon, 20 Apr 2020 16:55:01 -0700 (PDT)
Received: from localhost.localdomain
 ([2402:800:6374:f359:effc:5180:3a91:1887])
        by smtp.gmail.com with ESMTPSA id
 g14sm609248pfh.49.2020.04.20.16.55.00
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 20 Apr 2020 16:55:01 -0700 (PDT)
From: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=  <congdanhqx@gmail.com>
To: git@vger.kernel.org
Cc: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=  <congdanhqx@gmail.com>
Subject: [PATCH v3 2/3] mailinfo.c: avoid strlen on strings that can contains
 NUL
Date: Tue, 21 Apr 2020 06:54:35 +0700
Message-Id: 
 <97ede4aab2ece936eab3caf06db5a8f5d0eea4ba.1587426713.git.congdanhqx@gmail.com>
X-Mailer: git-send-email 2.26.1.301.g55bc3eb7cb
In-Reply-To: <cover.1587426713.git.congdanhqx@gmail.com>
References: <20200418035449.9450-1-congdanhqx@gmail.com>
 <cover.1587426713.git.congdanhqx@gmail.com>
MIME-Version: 1.0
Sender: git-owner@vger.kernel.org
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

We're passing buffer from strbuf to reencode_string,
which will call strlen(3) on that buffer,
and discard the length of newly created buffer.
Then, we compute the length of the return buffer to attach to strbuf.

During this process, we introduce a discrimination between mail
originally written in utf-8 and other encoding.

* if the email was written in utf-8, we leave it as is. If there is
  a NUL character in that line, we complains loudly:

  	error: a NUL byte in commit log message not allowed.

* if the email was written in other encoding, we truncate the data as
  the NUL character in that line, then we used the truncated line for
  the metadata.

We can do better by reusing all the available information,
and call the underlying lower level function that will be called
indirectly by reencode_string. By doing this, we will also postpone
the NUL character processing to the commit step, which will
complains about the faulty metadata.

Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
---
 mailinfo.c            |  6 ++++--
 t/t4254-am-corrupt.sh | 44 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+), 2 deletions(-)

diff --git a/mailinfo.c b/mailinfo.c
index 742fa376ab..0e9911df6d 100644
--- a/mailinfo.c
+++ b/mailinfo.c
@@ -447,19 +447,21 @@ static int convert_to_utf8(struct mailinfo *mi,
 			   struct strbuf *line, const char *charset)
 {
 	char *out;
+	size_t out_len;
 
 	if (!mi->metainfo_charset || !charset || !*charset)
 		return 0;
 
 	if (same_encoding(mi->metainfo_charset, charset))
 		return 0;
-	out = reencode_string(line->buf, mi->metainfo_charset, charset);
+	out = reencode_string_len(line->buf, line->len,
+				  mi->metainfo_charset, charset, &out_len);
 	if (!out) {
 		mi->input_error = -1;
 		return error("cannot convert from %s to %s",
 			     charset, mi->metainfo_charset);
 	}
-	strbuf_attach(line, out, strlen(out), strlen(out));
+	strbuf_attach(line, out, out_len, out_len);
 	return 0;
 }
 
diff --git a/t/t4254-am-corrupt.sh b/t/t4254-am-corrupt.sh
index ddd35498db..1bbc37bc92 100755
--- a/t/t4254-am-corrupt.sh
+++ b/t/t4254-am-corrupt.sh
@@ -3,6 +3,37 @@
 test_description='git am with corrupt input'
 . ./test-lib.sh
 
+make_mbox_with_nul () {
+	space=' '
+	q_nul_in_subject=
+	q_nul_in_body=
+	while test $# -ne 0
+	do
+		case "$1" in
+		subject) q_nul_in_subject='=00' ;;
+		body)    q_nul_in_body='=00' ;;
+		esac &&
+		shift
+	done &&
+	cat <<-EOF
+	From ec7364544f690c560304f5a5de9428ea3b978b26 Mon Sep 17 00:00:00 2001
+	From: A U Thor <author@example.com>
+	Date: Sun, 19 Apr 2020 13:42:07 +0700
+	Subject: [PATCH] =?ISO-8859-1?q?=C4=CB${q_nul_in_subject}=D1=CF=D6?=
+	MIME-Version: 1.0
+	Content-Type: text/plain; charset=ISO-8859-1
+	Content-Transfer-Encoding: quoted-printable
+
+	abc${q_nul_in_body}def
+	---
+	diff --git a/afile b/afile
+	new file mode 100644
+	index 0000000000..e69de29bb2
+	--$space
+	2.26.1
+	EOF
+}
+
 test_expect_success setup '
 	# Note the missing "+++" line:
 	cat >bad-patch.diff <<-\EOF &&
@@ -32,4 +63,17 @@ test_expect_success 'try to apply corrupted patch' '
 	test_i18ncmp expected actual
 '
 
+test_expect_success "NUL in commit message's body" '
+	test_when_finished "git am --abort" &&
+	make_mbox_with_nul body >body.patch &&
+	test_must_fail git am body.patch 2>err &&
+	grep "a NUL byte in commit log message not allowed" err
+'
+
+test_expect_failure "NUL in commit message's header" "
+	test_when_finished 'git am --abort' &&
+	make_mbox_with_nul subject >subject.patch &&
+	test_must_fail git am subject.patch
+"
+
 test_done

From patchwork Mon Apr 20 23:54:36 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=
 <congdanhqx@gmail.com>
X-Patchwork-Id: 11500087
Return-Path: <SRS0=xG8z=6E=vger.kernel.org=git-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BC55215AB
	for <patchwork-git@patchwork.kernel.org>;
 Mon, 20 Apr 2020 23:55:06 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id A4A3B2082E
	for <patchwork-git@patchwork.kernel.org>;
 Mon, 20 Apr 2020 23:55:06 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="GWtw0E1M"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726707AbgDTXzF (ORCPT
        <rfc822;patchwork-git@patchwork.kernel.org>);
        Mon, 20 Apr 2020 19:55:05 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54166 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL)
        by vger.kernel.org with ESMTP id S1726498AbgDTXzE (ORCPT
        <rfc822;git@vger.kernel.org>); Mon, 20 Apr 2020 19:55:04 -0400
Received: from mail-pl1-x644.google.com (mail-pl1-x644.google.com
 [IPv6:2607:f8b0:4864:20::644])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3864BC061A0E
        for <git@vger.kernel.org>; Mon, 20 Apr 2020 16:55:04 -0700 (PDT)
Received: by mail-pl1-x644.google.com with SMTP id ay1so4574138plb.0
        for <git@vger.kernel.org>; Mon, 20 Apr 2020 16:55:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=bkCvmE7nCoAZ/1AnoRi1wMCy+PT/p2KN0W7on/ka+eI=;
        b=GWtw0E1M8ulXb1CVIBg7XZCf9/s+SaNT5+VbPPSVoqBDXbw7kR+w/IoVwL/t9l9TP8
         8wbXARAIH8/3rYpF0jWn5QzpFS2RiD282IGSdQHb+JFzfnT4mRusYIu1RlkRuNRQXHRt
         PPZngUjZWlpPnFk9vxH2lyVKJw8tBA2Rc+MdhQaRAWbgt1vEynhEpyjgfNsiqSA3aB3P
         PFXnKb9UDth5Ovo8VHT+MpOijLBPDeyoJvH6qWRtZvSu+4nKty0oMUDNeWrsEivTntjK
         MnzSjO2e2CudHPa8Ngh9P01qoCpFZXTrlIIPoao27FlAYI79LSDXlokH7rHCIWgwsJdO
         VaWw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=bkCvmE7nCoAZ/1AnoRi1wMCy+PT/p2KN0W7on/ka+eI=;
        b=bJNltuZu/fhT/RF/nbeg7L3Axkm8HL95JwgbQkYDcaszQuFLUZNCQ8NRtqTNobhxcP
         gRHNQnlRyne6tHVd+Y6ixGre3FM2miDlmbkJJMeob/rxQxUH02O5bRg1o0coactGWtBG
         skK5BDj9GsQETYc6UT2+nlSDBPdGP/2O0ikCSWd3xIpm7CrWhXi8DvJhO0oESNx7d3dT
         94KvMMgI//jRsp3euzqwSNema+LUhkexZj2sQwZSwT7r9VTB0nPnDsIsKjO20v7YaLWA
         OOLE4XQjCr824HrFSI+uUSBtz9tzoaxfG5JKfcynaDzd/yKO2Yk/7j8EhYbN/S0RlWl7
         T2TA==
X-Gm-Message-State: AGi0PuYGH52MOEClJAnAImsqSTU+X58mL1RSShFy10imHqYISKzyWT1M
        hc3OdY5M+73FHAKiRhVYswmRHiNy
X-Google-Smtp-Source: 
 APiQypJw/xLgCeBZkzdI9gNm0cY2WeqqBMyjEuuXSo6zQlnQN97KD/WtXQzvFAns6ggKKN7dpIchow==
X-Received: by 2002:a17:90a:1955:: with SMTP id
 21mr2181596pjh.25.1587426903541;
        Mon, 20 Apr 2020 16:55:03 -0700 (PDT)
Received: from localhost.localdomain
 ([2402:800:6374:f359:effc:5180:3a91:1887])
        by smtp.gmail.com with ESMTPSA id
 g14sm609248pfh.49.2020.04.20.16.55.02
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 20 Apr 2020 16:55:02 -0700 (PDT)
From: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=  <congdanhqx@gmail.com>
To: git@vger.kernel.org
Cc: =?utf-8?b?xJBvw6BuIFRy4bqnbiBDw7RuZyBEYW5o?=  <congdanhqx@gmail.com>
Subject: [PATCH v3 3/3] mailinfo: disallow NUL character in mail's header
Date: Tue, 21 Apr 2020 06:54:36 +0700
Message-Id: 
 <b2e760227e4c80af67ce3c1c405207dc7a1f7bf4.1587426713.git.congdanhqx@gmail.com>
X-Mailer: git-send-email 2.26.1.301.g55bc3eb7cb
In-Reply-To: <cover.1587426713.git.congdanhqx@gmail.com>
References: <20200418035449.9450-1-congdanhqx@gmail.com>
 <cover.1587426713.git.congdanhqx@gmail.com>
MIME-Version: 1.0
Sender: git-owner@vger.kernel.org
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
---
 mailinfo.c            | 5 +++++
 t/t4254-am-corrupt.sh | 7 +++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/mailinfo.c b/mailinfo.c
index 0e9911df6d..5681d9130d 100644
--- a/mailinfo.c
+++ b/mailinfo.c
@@ -1138,6 +1138,11 @@ static void handle_info(struct mailinfo *mi)
 		else
 			continue;
 
+		if (memchr(hdr->buf, '\0', hdr->len)) {
+			error("a NUL byte in '%s' is not allowed.", header[i]);
+			mi->input_error = -1;
+		}
+
 		if (!strcmp(header[i], "Subject")) {
 			if (!mi->keep_subject) {
 				cleanup_subject(mi, hdr);
diff --git a/t/t4254-am-corrupt.sh b/t/t4254-am-corrupt.sh
index 1bbc37bc92..daf01c309d 100755
--- a/t/t4254-am-corrupt.sh
+++ b/t/t4254-am-corrupt.sh
@@ -70,10 +70,13 @@ test_expect_success "NUL in commit message's body" '
 	grep "a NUL byte in commit log message not allowed" err
 '
 
-test_expect_failure "NUL in commit message's header" "
+test_expect_success "NUL in commit message's header" "
 	test_when_finished 'git am --abort' &&
 	make_mbox_with_nul subject >subject.patch &&
-	test_must_fail git am subject.patch
+	test_must_fail git mailinfo msg patch <subject.patch 2>err &&
+	grep \"a NUL byte in 'Subject' is not allowed\" err &&
+	test_must_fail git am subject.patch 2>err &&
+	grep \"a NUL byte in 'Subject' is not allowed\" err
 "
 
 test_done