Added full output test to test-scan.

[nmh] / test / mhshow / test-textcharset

diff --git a/test/mhshow/test-textcharset b/test/mhshow/test-textcharset
index f8d854fc1428d7117a7e3e4d627b388a47a97486..e0b154b9e859ee9a51d0724fac731bbcef474b7c 100755 (executable)
--- a/test/mhshow/test-textcharset
+++ b/test/mhshow/test-textcharset
@@ -20,8 +20,7 @@ if test "$ICONV_ENABLED" -eq 0; then
   test_skip 'test-textcharset requires that nmh have been built with iconv'
 fi
 
   test_skip 'test-textcharset requires that nmh have been built with iconv'
 fi
 

-require_locale en_US.utf-8 en_US.utf8
-LC_ALL=en_US.UTF-8; export LC_ALL
+require_locale en_US.UTF-8 en_US.UTF8 en_US.utf-8 en_US.utf8

 
 expected="$MH_TEST_DIR"/$$.expected
 actual="$MH_TEST_DIR"/$$.actual
 
 expected="$MH_TEST_DIR"/$$.expected
 actual="$MH_TEST_DIR"/$$.actual


@@ -306,6 +305,23 @@ EOF
 run_prog mhshow last >"$actual" 2>&1
 check "$expected" "$actual" : parameter value quoting with text following
 
 run_prog mhshow last >"$actual" 2>&1
 check "$expected" "$actual" : parameter value quoting with text following
 

+# check malicious parameter value quoting
+msgfile=`mhpath new`
+msgnum=`basename $msgfile`
+cat >"$msgfile" <<'EOF'
+Subject: shows difficulty of quoting with /bin/sh -c
+MIME-Version: 1.0
+Content-Type: text/html; charset="oops'; echo should not see this!"
+
+EOF
+
+cat >"$expected" <<EOF
+[ part  - text/html -   0B  ]
+EOF
+
+run_prog mhshow -noheader -form mhl.null last 2>&1 | squeeze_whitespace >"$actual"
+check "$expected" "$actual" : malicious parameter value quoting
+

 #
 # test a large file that needs to be converted to UTF-8
 #
 #
 # test a large file that needs to be converted to UTF-8
 #