Fix issue 185: Enforce CRLF and sanitize header fields (#186)

Edward-LeBlanc · web-flow · commit d995617783c9 · 2025-07-14T15:06:54.000+03:00
* Added sanitizing header fields (remove \r, \n) preventing malicious injection.
Added replacing naked LFs and CRs with CRLF to be compliant with SMTP standard (RFC 5321).
In SmtpClient.h, replace Q_ENUMS with individual Q_ENUM, added string() function for enum types.

* Corrected choice of variables.
MAde QRegularExpressions static.

* Made QRegExpressions const, added QRegularExpression::DontCaptureOption.
Made names more expressive.

* Roll back "sanitization" changes.

* Fix empty line mismatch in rollback.
diff --git a/src/smtpclient.h b/src/smtpclient.h
@@ -1,5 +1,5 @@
 /*
-  Copyright (c) 2011-2012 - Tőkés Attila
+  Copyright (c) 2011-2025 - Tőkés Attila
 
   This file is part of SmtpClient for Qt.
 
@@ -19,6 +19,8 @@
 #ifndef SMTPCLIENT_H
 #define SMTPCLIENT_H
 
+#include <QMetaEnum>
+
 #include <QObject>
 #include <QtNetwork/QSslSocket>
 #include <QEventLoop>
@@ -29,7 +31,6 @@
 class SMTP_MIME_EXPORT SmtpClient : public QObject
 {
     Q_OBJECT
-    Q_ENUMS (AuthMethod SmtpError ConnectionType ClientState)
 public:
 
     /* [0] Enumerations */
@@ -39,6 +40,7 @@ class SMTP_MIME_EXPORT SmtpClient : public QObject
         AuthPlain,
         AuthLogin
     };
+    Q_ENUM(AuthMethod)
 
     enum SmtpError
     {
@@ -50,13 +52,15 @@ class SMTP_MIME_EXPORT SmtpClient : public QObject
         ClientError = 5,    // 5xx smtp error
         SocketError = 6
     };
+    Q_ENUM(SmtpError)
 
     enum ConnectionType
     {
         TcpConnection = 0,
         SslConnection = 1,
         TlsConnection = 2      // STARTTLS
     };
+    Q_ENUM(ConnectionType)
 
     enum ClientState {
         UnconnectedState = 0,
@@ -99,6 +103,14 @@ class SMTP_MIME_EXPORT SmtpClient : public QObject
         _MAIL_3_DATA = 84,
         _MAIL_4_SEND_DATA = 85
     };
+    Q_ENUM(ClientState)
+
+    template <typename enumType>
+    static QString string(enumType v)
+    {
+        static QMetaEnum metaEnum = QMetaEnum::fromType<enumType>();
+        return metaEnum.valueToKey(static_cast<int>(v));
+    }
 
     /* [0] --- */
 
