SendEmail: Protect users against vulnerable logmailers #939
Conversation
I'm not sure why the AppleClang CI job failed due to some issues with calculating code coverage. If someone could help me fix this, I'd appreciate it.
hmm. using regexp is problematic??
LGTM
I addressed all comments, but the coverage check on macOS still fails. I don't see how my change is related to it, and if I run the lcov commands locally on my Mac with the latest Xcode they fail at even more places. Is this just broken in general at the moment due to the latest Xcode being stricter / buggy?
@sergiud Do you have some advice on what to do about the code coverage errors?
Thanks for bringing the issue to my attention. Let me look into it.
We can ignore the coverage problem as it is a separate issue.
glog is used on a variety of systems, and we must assume that some of them still use vulnerable mailers that have bugs or "interesting features" such as https://nvd.nist.gov/vuln/detail/CVE-2004-2771.

Let's protect users against accidental shell injection by validating the email addresses against a slightly stricter version of the regex used by HTML5 to validate addresses[1]. This should prevent triggering any unexpected behavior in these tools.

Also add some basic unit tests for the SendEmail method.

[1] https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address
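The validation approach described in this PR, as an added illustration that is not glog's own code: the HTML5 "valid e-mail address" regex placed beside a stricter variant whose local part drops the characters HTML5 permits but a shell treats specially. Which characters the merged glog change actually removes is not stated here, so the narrowed character set below is an assumption, as are the function names.

```cpp
#include <iostream>
#include <regex>
#include <string>
#include <vector>

// The regex from the HTML5 spec's "valid e-mail address" definition.
// Note the local part admits ` | $ & ' ! { } and similar, which matter
// the moment the address is interpolated into a mailer command line.
bool IsHtml5ValidEmail(const std::string& address) {
  static const std::regex kHtml5Email(
      "^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+"
      "@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?"
      "(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$",
      std::regex::ECMAScript);
  return std::regex_match(address, kHtml5Email);
}

// Assumed stricter variant: same domain grammar (labels of 1..63
// alphanumerics/hyphens that neither start nor end with a hyphen), but the
// local part is narrowed to [A-Za-z0-9._+-], which contains nothing that
// /bin/sh or cmd.exe treat as an operator or expansion character.
bool IsSafeEmailAddress(const std::string& address) {
  static const std::regex kStrictEmail(
      "^[A-Za-z0-9._+-]+"
      "@[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
      "(?:\\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$",
      std::regex::ECMAScript);
  return std::regex_match(address, kStrictEmail);
}

// Gate for a SendEmail-style entry point (hypothetical helper): refuse the
// whole send if any recipient fails, rather than passing through a subset.
bool AllRecipientsSafe(const std::vector<std::string>& recipients) {
  if (recipients.empty()) return false;
  for (const auto& r : recipients) {
    if (!IsSafeEmailAddress(r)) return false;
  }
  return true;
}

int main() {
  // Constructed inputs: the second is HTML5-valid but carries a shell pipe.
  for (const char* a : {"first.last+tag@sub.example.org", "a|b@example.com",
                        "user@-example.com", "user@example.com."}) {
    std::cout << a << "  html5=" << IsHtml5ValidEmail(a)
              << "  strict=" << IsSafeEmailAddress(a) << '\n';
  }
}
```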
Seems like we're good? You mentioned that the coverage failure on Apple is a separate issue, and the Windows clang build failure on Bazel CI also happens on the master branch, so seems unrelated. 😊
My friends in the Bazel team said that the Windows clang failure should be fixed in Bazel 6.4.0 LTS: bazelbuild/bazel#19430
Thanks! This is good to go now!