Ticket 151 - strip leading '-' for mailcap sanitize

Cameron Simpson cs at cskk.id.au
Fri Jun 21 22:38:37 UTC 2019

On 21Jun2019 12:20, Kevin J. McCarthy <kevin at 8t8.us> wrote:
>On Fri, Jun 21, 2019 at 12:09:19PM -0700, Kevin J. McCarthy wrote:
>><https://gitlab.com/muttmua/mutt/issues/151> noticed that a leading 
>>'-' is not stripped from filenames, which could lead to them being 
>>interpreted as command arguments.
>Just to be clear, the ticket is actually advocating for sanitizing the 
>leading "-", into "_" as other unsafe characters are.  I further 
>wonder if we should just remove "-" from the whitelist rather than 
>adding a special case for it.
>As always, any feedback or historical context is very welcome.

Please don't. Add a "./" prefix. That way the filename is unchanged in 

If you're _generating_ a scratch filename then avoiding various things 
is fine, but if you're _using_ a supplied filename then any portion of 
it may be significant to the target receiving it. So don't muck with it, 
just render it unoptionlike with a leading "./".

Cameron Simpson <cs at cskk.id.au>

More information about the Mutt-dev mailing list