glog is used on a variety of systems, and we must assume that some of
them still use vulnerable mailers that have bugs or "interesting
features" such as https://nvd.nist.gov/vuln/detail/CVE-2004-2771.
Let's protect users against accidental shell injection by validating
the email addresses against a slightly stricter version of the regex
used by HTML5 to validate addresses[1].
This should prevent triggering any unexpected behavior in these tools.
Also add some basic unit tests for the SendEmail method.
[1] https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address
1. Initializing std::ostringstream with a string makes no sense, as the
string becomes an initial value of an underlying buffer; seek-to-end
is not performed, so the initial value gets completely overwritten by
subsequent writing.
2. Flag `log_year_in_prefix` should be considered, as if formatting a
regular logging message.
3. Writing a buffer to std::ostream is better expressed with write(s,n).
As specified in the doc comment for SetLogger, "the logger becomes the
property of the logging module and should not be deleted by the caller".
Not only should the LogDestination delete a custom logger in its
destructor, but it should also delete a previous logger when another
logger is passed to SetLogger().
Co-authored-by: Sergiu Deitsch <sergiud@users.noreply.github.com>
Log lines can be customized for parsing by an external tool.
To simplify such customization and parsing, there should be an option to
customize the file header, or at least to disable adding it.
Currently, glog allows to use of logtostderr to send error logs to
stderr, but many log tailers would regard logs from stderr as error
logs. So we want to send non-error logs to stdout and only send error
logs to stderr according to the stderrthreshold.
The flag allows suppressing the year in the log line prefix. At the same
time, the flag allows to generate log output compatible to glog releases
prior to version 0.5.
Since the value of `LogCleaner::overdue_days_` should be >= 0,
we can simply make it an unsigned int which also avoids
unnecessary assertions.
Signed-off-by: Marco Wang <m.aesophor@gmail.com>
* Fix MungeLine() for log lines that are longer than 5 characters
* Match order of log statements in logging_unittest.cc and logging_unittest.err
* Update logging_custom_prefix_unittest.cc and logging_custom_prefix_unittest.err to match logging_unittest.cc and logging_unittest.err
* Save the stream state and set the fill character before calling into a custom_prefix_callback
