bug#40397: 28.0.50; epg decrypt does not verify signed content in smime

[Noam Postavsky <npostavs@gmail.com>]

Sebastian Fieber <sebastian.fieber@web.de> writes:

> On So, Apr 05 2020, Noam Postavsky <npostavs@gmail.com> wrote:
>
>> Sebastian Fieber <sebastian.fieber@web.de> writes:
>>
>>> -  (while (search-forward "\r\n" nil t)
>>> +  (while (search-forward-regexp "\r\n|\^M\n" nil t)
>>
>> This can't be right, it would search for a literal "|" on an otherwise
>> empty line.  And if you put "\\|" which is what I think you meant, then
>> both alternatives would be the same, so it still doesn't make sense.
>
> Yes, and there is another problem with this. Should have tested this mit
> emacs -Q. Let me fix that and prepare a new patch.

This hunk looks a bit suspicious to me as well, I don't think you can
apply operators like "?" to anchors.

@@ -759,7 +782,7 @@ MIME-Version header before proceeding."
         (mb enable-multibyte-characters)
         beg)
     (goto-char (point-min))
-    (search-forward-regexp "^\n" nil 'move) ;; There might be no body.
+    (search-forward-regexp "^?\n" nil 'move) ;; There might be no body.
     (setq beg (point))
     (with-current-buffer
           (generate-new-buffer " *mm*")

> Since you have looked over the patch: What do you think about the
> approach to internally structure application/pkcs7-mime parts like
> multipart parts containing the mime type with text properties until the
> decrypted, maybe verified singlepart in the car of the handle?

Sorry, I'm not familiar enough with how this code is currently
structured to say anything intelligent about that.