Hi Kevin, On Tuesday, 2021-04-27 10:17:29 -0700, Kevin J. McCarthy wrote:
> What if we added an allow_8bit parameter to the function, that also passed > through bytes with the 8th bit set? I'd keep this set off in all other > invocations except the mailcap invocations. Allowing *all* 8-bit may be ill advised. I'd disallow at least resulting U+0080 to U+009F Unicode control characters (C1 control codes). Also exclude the non-characters U+FFFE and U+FFFF. But, what text encoding are we actually talking about? 8bit suggests UTF-8 encoding or ISO-8859-... code pages (not assuming EBCDIC ;P). I don't see that mutt_buffer_sanitize_filename() or its calling contexts have any notion about text encoding. Assuming UTF-8 (as path names are supposed to be), check for valid sequences? Eike -- OpenPGP/GnuPG encrypted mail preferred in all private communication. GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A Use LibreOffice! https://www.libreoffice.org/
signature.asc
Description: PGP signature
