Security: Mutt and mailcap rules

Kevin J. McCarthy kevin at
Sat Jun 22 22:12:37 UTC 2019

On Sat, Jun 22, 2019 at 07:05:58AM -0700, Kevin J. McCarthy wrote:
>On Sat, Jun 22, 2019 at 06:49:03AM -0700, Kevin J. McCarthy wrote:
>>No, the setup code is complicated, as you can see from the above 
>>listed functions.  Send mode directly uses the filename if a 
>>nametemplate isn't required.
>And interestingly, it looks like the print command would fail in send 
>mode without a template.  I'll add a fix for that.

I've pushed some commits to stable and master with bug fixes and code 

I removed the return value from mutt_rfc1524_expand_filename(), and the 
"special case" handling in send-mode from attach.c.  I think this, along
with the other commits, makes the code much clearer now.

Also, I made sure the filename parameter to 
mutt_rfc1524_expand_command() is run through either 
mutt_rfc1524_expand_filename() or through the sanitize command.  The 
test field was missing this, but I don't think in practice anyone has %s 
in a test field.

Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C  5308 ADEF 7684 8031 6BDA
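
The point in the message above about running the filename through sanitization before every `%s` expansion, including the `test` field, shown as an added example. This is not Mutt's code: `sanitize_filename()`, `expand_field()`, the allow-list, and the mailcap fields and attachment name are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed allow-list for this example (not taken from Mutt's source). */
static const char SAFE[] = "abcdefghijklmnopqrstuvwxyz"
                           "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-";

/* Replace every byte outside the allow-list with '_'. A leading '-' is also
 * replaced so the name cannot be parsed as an option by the helper program. */
void sanitize_filename(char *name)
{
    for (char *p = name; *p; p++)
        if (!strchr(SAFE, *p) || (p == name && *p == '-'))
            *p = '_';
}

/* Expand each %s in a mailcap field (view, print or test) with the sanitized,
 * single-quoted name. Returns 0 on success, -1 if the result does not fit. */
int expand_field(const char *field, const char *filename, char *out, size_t outlen)
{
    char clean[256];
    size_t used = 0;
    if (outlen == 0 || strlen(filename) >= sizeof(clean)) return -1;
    out[0] = '\0';
    strcpy(clean, filename);
    sanitize_filename(clean);
    while (*field) {
        int n;
        if (field[0] == '%' && field[1] == 's') {
            n = snprintf(out + used, outlen - used, "'%s'", clean);
            field += 2;
        } else {
            n = snprintf(out + used, outlen - used, "%c", *field++);
        }
        if (n < 0 || (size_t)n >= outlen - used) return -1;
        used += (size_t)n;
    }
    return 0;
}

int main(void)
{
    char buf[256]; /* constructed attachment name and mailcap fields below */
    if (expand_field("pdftotext %s -", "report.pdf; touch x", buf, sizeof buf) == 0)
        puts(buf);
    if (expand_field("test -s %s", "report.pdf; touch x", buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```

Because both fields go through the same function, the `test` field cannot end up receiving a raw filename while the view command receives a sanitized one.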