From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <amdragon@mit.edu>
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 07812431FBD
	for <notmuch@notmuchmail.org>; Sun, 30 Dec 2012 22:42:53 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -0.7
X-Spam-Level: 
X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5
	tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id EbO6ohPmdR2V for <notmuch@notmuchmail.org>;
	Sun, 30 Dec 2012 22:42:52 -0800 (PST)
Received: from dmz-mailsec-scanner-4.mit.edu (DMZ-MAILSEC-SCANNER-4.MIT.EDU
	[18.9.25.15])
	by olra.theworths.org (Postfix) with ESMTP id 26502431FB6
	for <notmuch@notmuchmail.org>; Sun, 30 Dec 2012 22:42:52 -0800 (PST)
X-AuditID: 1209190f-b7f016d000000e07-af-50e133eb4e52
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39])
	by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP
	id FB.5C.03591.BE331E05; Mon, 31 Dec 2012 01:42:51 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103])
	by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id qBV6gohR026113; 
	Mon, 31 Dec 2012 01:42:50 -0500
Received: from drake.dyndns.org (c-76-21-105-205.hsd1.ca.comcast.net
	[76.21.105.205]) (authenticated bits=0)
	(User authenticated as amdragon@ATHENA.MIT.EDU)
	by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id qBV6gkFX009881
	(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT);
	Mon, 31 Dec 2012 01:42:49 -0500 (EST)
Received: from amthrax by drake.dyndns.org with local (Exim 4.77)
	(envelope-from <amdragon@mit.edu>)
	id 1TpZ5C-0000ij-2u; Mon, 31 Dec 2012 01:42:46 -0500
From: Austin Clements <amdragon@MIT.EDU>
To: notmuch@notmuchmail.org
Subject: [PATCH v4 3/5] dump: Disallow \n in message IDs
Date: Mon, 31 Dec 2012 01:42:40 -0500
Message-Id: <1356936162-2589-4-git-send-email-amdragon@mit.edu>
X-Mailer: git-send-email 1.7.10.4
In-Reply-To: <1356936162-2589-1-git-send-email-amdragon@mit.edu>
References: <1356936162-2589-1-git-send-email-amdragon@mit.edu>
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrNIsWRmVeSWpSXmKPExsUixG6nrvva+GGAwf5XhhY3WrsZLZqmO1us
	nstjcf3mTGaLNyvnsTqweuycdZfd4/DXhSwet+6/Zvd4tuoWs8eWQ++ZA1ijuGxSUnMyy1KL
	9O0SuDKuzO9nLVguWLHr+RXmBsZbvF2MnBwSAiYSD058ZIewxSQu3FvP1sXIxSEksI9RYuqb
	q6wQzgZGifcvT0BlLjJJHNu4nhnCmcso8enYOkaQfjYBDYlt+5eD2SIC0hI7784Ga2cWaGKU
	uLZpLhtIQljAQmLDnx1gC1kEVCUWvHrIDGLzCthL/Fz0ihXiEEWJ7mcTwOo5BRwkdj6bxQJi
	CwHV7N57nnECI/8CRoZVjLIpuVW6uYmZOcWpybrFyYl5ealFuiZ6uZkleqkppZsYQWHIKcm/
	g/HbQaVDjAIcjEo8vBxMDwOEWBPLiitzDzFKcjApifIqAYNYiC8pP6UyI7E4I76oNCe1+BCj
	BAezkgjvWy2gHG9KYmVValE+TEqag0VJnPdqyk1/IYH0xJLU7NTUgtQimKwMB4eSBO8GI6BG
	waLU9NSKtMycEoQ0EwcnyHAeoOEfQWp4iwsSc4sz0yHypxgVpcR5n4MkBEASGaV5cL2wNPGK
	URzoFWHe8yBVPMAUA9f9CmgwE9BgLYYHIINLEhFSUg2MUUJHXxYEbH3FM6fqzRqPaQvOzOGc
	ceGlwypJseB5yuE/jwYXzpO2WavDJ8hWGSZxrOFkbvmDT94VDYXiIm3PP4ecXrHBllumYfbT
	jYKr4iet35157Zrkq+mM1jdnzItfJtA7XY65ITH2xNGO2Fdz1bbwbAhhv21SvO/f/eAX7+/O
	6Xco3BUgqsRSnJFoqMVcVJwIAD8eXB/uAgAA
Cc: tomi.ollila@iki.fi
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Dec 2012 06:42:53 -0000

When we switch to using regular Xapian queries in the dump format, \n
will cause problems, so we disallow it.  Specially, while Xapian can
quote and parse queries containing \n without difficultly, quoted
queries containing \n still span multiple lines, which breaks the
line-orientedness of the dump format.  Strictly speaking, we could
still round-trip these, but it would significantly complicate restore
as well as scripts that deal with tag dumps.  This complexity would
come at absolutely no benefit: because of the RFC 2822 unfolding
rules, no amount of standards negligence can produce a message with a
message ID containing a line break (not even Outlook can do it!).

Hence, we simply disallow it.
---
 notmuch-dump.c       |    9 +++++++++
 test/random-corpus.c |    4 +++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/notmuch-dump.c b/notmuch-dump.c
index d2dad40..29d79da 100644
--- a/notmuch-dump.c
+++ b/notmuch-dump.c
@@ -132,6 +132,15 @@ notmuch_dump_command (unused (void *ctx), int argc, char *argv[])
 	if (output_format == DUMP_FORMAT_SUP) {
 	    fputs (")\n", output);
 	} else {
+	    if (strchr (message_id, '\n')) {
+		/* This will produce a line break in the output, which
+		 * would be difficult to handle in tools.  However,
+		 * it's also impossible to produce an email containing
+		 * a line break in a message ID because of unfolding,
+		 * so we can safely disallow it. */
+		fprintf (stderr, "Error: cannot dump message id containing line break: %s\n", message_id);
+		return 1;
+	    }
 	    if (hex_encode (notmuch, message_id,
 			    &buffer, &buffer_size) != HEX_SUCCESS) {
 		    fprintf (stderr, "Error: failed to hex-encode msg-id %s\n",
diff --git a/test/random-corpus.c b/test/random-corpus.c
index f354d4b..8b7748e 100644
--- a/test/random-corpus.c
+++ b/test/random-corpus.c
@@ -96,7 +96,9 @@ random_utf8_string (void *ctx, size_t char_count)
 	    buf = talloc_realloc (ctx, buf, gchar, buf_size);
 	}
 
-	randomchar = random_unichar ();
+	do {
+	    randomchar = random_unichar ();
+	} while (randomchar == '\n');
 
 	written = g_unichar_to_utf8 (randomchar, buf + offset);
 
-- 
1.7.10.4