Ah interesting. I use git-format-patch instead of git-send-email myself, so I can re-read the resulting mbox before sending it. I always thought of git-send-email as a wrapper that just passed most options straight through to format-patch, but sounds like it does something more with --from.
I haven't read builtin/log.c (edit: and pretty.c) to check how risky the From: field actually is. It might be that it is guaranteed to be properly/safely quoted by git - but it might not be too! When I embedded a " in the author name by hand, the From: line was correctly quoted as
From: "first\"last" <email@email>
but that's no guarantee that it's done for every malicious author/committer without inspecting the code.
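Added example, not part of the original comment and not git's code: one way to test a generated From: value from the receiving side is to quote a hostile display name as an RFC 5322 quoted-string and confirm the result still parses as exactly one mailbox. The function names `quote_display_name` and `split_from` are hypothetical, and the sample names are constructed.

```python
import re

def quote_display_name(name: str) -> str:
    """Quote a display name as an RFC 5322 quoted-string.

    Backslash and double quote are escaped; CR/LF is refused because it
    would end the header line and let the name start a new header.
    """
    if "\r" in name or "\n" in name:
        raise ValueError("line break in display name")
    return '"' + re.sub(r'(["\\])', r'\\\1', name) + '"'

def split_from(value: str):
    """Return (display_name, addr) if value is exactly one
    '"quoted name" <addr>' mailbox, otherwise None."""
    if not value.startswith('"'):
        return None
    name, i = [], 1
    while i < len(value):
        c = value[i]
        if c == "\\" and i + 1 < len(value):
            name.append(value[i + 1])   # escaped character, taken literally
            i += 2
        elif c == '"':
            break                       # closing quote of the display name
        else:
            name.append(c)
            i += 1
    else:
        return None                     # quoted-string never terminated
    # After the closing quote only a single angle-addr may follow.
    m = re.fullmatch(r' <([^<>,\s"]+)>', value[i + 1:])
    return ("".join(name), m.group(1)) if m else None

def round_trips(name: str, addr: str) -> bool:
    """True if the quoted header parses back to the same single mailbox."""
    return split_from(f"{quote_display_name(name)} <{addr}>") == (name, addr)

if __name__ == "__main__":
    # Constructed sample names, including the one from the comment above.
    for sample in ['first"last', 'x" <a@b>, "y', "trailing\\"]:
        print(repr(sample), round_trips(sample, "email@email"))
```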