From 564bb223eff77c087f06d4048b109cbf4bf16612 Mon Sep 17 00:00:00 2001 From: Leah Neukirchen Date: Mon, 13 Mar 2017 15:50:41 +0100 Subject: mshow: print plain text safely --- mshow.c | 57 ++++++++++++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 25 deletions(-) (limited to 'mshow.c') diff --git a/mshow.c b/mshow.c index 38242f9..da553bd 100644 --- a/mshow.c +++ b/mshow.c @@ -30,43 +30,43 @@ static char *Oflag; struct message *filters; static int mimecount; +static int safe_output; static char defaultAflags[] = "text/plain:text/html"; static char *Aflag = defaultAflags; +static int +printable(int c) +{ + return (unsigned)c-0x20 < 0x5f; +} + +int +print_ascii(char *body, size_t bodylen) +{ + if (safe_output) { + safe_u8putstr(body, bodylen, stdout); + return bodylen; + } else { + return fwrite(body, 1, bodylen, stdout); + } +} + void printhdr(char *hdr) { int uc = 1; - while (*hdr && *hdr != ':') { + while (*hdr && *hdr != ':' && printable(*hdr)) { putc(uc ? toupper(*hdr) : *hdr, stdout); uc = (*hdr == '-'); hdr++; } - if (*hdr) - printf("%s\n", hdr); -} - -int -print_ascii(char *body, size_t bodylen) -{ - if (!memchr(body, '\r', bodylen)) - return fwrite(body, 1, bodylen, stdout); - - // crlf normalization required - size_t i; - for (i = 0; i < bodylen; i++) { - if (body[i] == '\r') { - if (!(i+1 < bodylen && body[i+1] == '\n')) - putc_unlocked('\n', stdout); - continue; - } - putc_unlocked(body[i], stdout); + if (*hdr) { + print_ascii(hdr, strlen(hdr)); + fputc('\n', stdout); } - - return bodylen; } void @@ -529,7 +529,8 @@ print_date_header(char *v) now = time(0); } - printf("Date: %s", v); + printf("Date: "); + print_ascii(v, strlen(v)); time_t t = blaze822_date(v); if (t == -1) { @@ -608,7 +609,10 @@ print_decode_header(char *h, char *v) char d[4096]; blaze822_decode_rfc2047(d, v, sizeof d, "UTF-8"); printhdr(h); - printf(": %s\n", d); + fputc(':', stdout); + fputc(' ', stdout); + print_ascii(d, strlen(d)); + fputc('\n', stdout); } void @@ -674,7 +678,7 @@ show(char *file) printf("\n"); if (rflag || !blaze822_check_mime(msg)) { // raw body - fwrite(blaze822_body(msg), 1, blaze822_bodylen(msg), stdout); + print_ascii(blaze822_body(msg), blaze822_bodylen(msg)); goto done; } @@ -713,6 +717,9 @@ main(int argc, char *argv[]) exit(1); } + if (!rflag && !Oflag) + safe_output = 1; + if (xflag) { // extract extract(xflag, argc-optind, argv+optind, 0); } else if (Oflag) { // extract to stdout -- cgit 1.4.1