Closed Isma399 closed 6 months ago
In general I don't think Go strings are guaranteed to contain valid UTF-8. I don't think it's the responsibility of the library to convert to UTF-8, it would probably be incorrect to do so (e-mail standards allow non-UTF-8 encodings).
Hello,
I'm wondering in this entrypoint of client data should better be checked: https://github.com/emersion/go-milter/blob/d69e17e0d387cba72aaf52b94113de9f924f93a6/session.go#L179 or in https://github.com/emersion/go-milter/blob/d69e17e0d387cba72aaf52b94113de9f924f93a6/cstrings.go#L12
Because invalid bytes can then be forwarded to milter_client and cause unexpected behavior.
I am not sure but maybe it's needed here to use utf8.ValidString() or utf8.RuneError() before pushing it to []string ? Or this processing should be handled by the go-milter users?