lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 8 Apr 2020 13:28:53 -0400
From:   Jeff King <peff@...f.net>
To:     Joe Perches <joe@...ches.com>
Cc:     Olaf Hering <olaf@...fle.de>, linux-kernel@...r.kernel.org,
        git@...r.kernel.org
Subject: Re: get_maintainer.pl sends bogus addresses to git send-email

On Tue, Apr 07, 2020 at 02:56:19PM -0700, Joe Perches wrote:

> > Syntactically they are rfc822 comments, and send-email _should_ be able
> > to handle them (and does in recent versions).
> 
> I'm not certain that comments are allowed _after_ a tld in an
> email address.  In any case, I guess it's a good thing I used
> parentheses for the get_maintainer rolestats block.

Oh, it's much more horrible than that. RFC822 contains this example:

  Muhammed.(I am  the greatest) Ali @(the)Vegas.WBA

which parses to:

  Muhammed.Ali@...as.WBA

Perl's Mail::Address does decipher that correctly.

> > > linux-kernel@...r.kernel.org (open list)
> > 
> > In this one, I think that the comment will be used as the name field,
> > since there isn't one.
> 
> I think that slightly unexpected as the name field is not required.

TBH, so do I. That's all done by Mail::Address's format() method. We
could probably convince it to be less magical, but perhaps it's best to
just leave it alone. Presumably that logic has some historical basis,
and as you note, it's a mistake to be passing these fields into
send-email in the first place.

-Peff

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ