Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SpamAssassin: commits

svn commit: r834191 - /spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm

  

 
SpamAssassin commits RSS feed   Index | Next | Previous | View Threaded


mmartinec at apache

Nov 9, 2009, 11:45 AM

Post #1 of 1 (180 views)
Permalink
svn commit: r834191 - /spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
Author: mmartinec
Date: Mon Nov 9 19:45:40 2009
New Revision: 834191

URL: http://svn.apache.org/viewvc?rev=834191&view=rev
Log:
Bug 6225: untaint the string in an attempt to work around
a perl crash - a workaround for [perl #69973] bug:
Invalid and tainted utf-8 char crashes perl 5.10.1 in regexp evaluation
A regexp and a string should both be utf8, or none of them;
untainting string also seems to avoid the crash.

Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?rev=834191&r1=834190&r2=834191&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm Mon Nov 9 19:45:40 2009
@@ -56,7 +56,7 @@
use Mail::SpamAssassin::Constants qw(:sa);
use Mail::SpamAssassin::AsyncLoop;
use Mail::SpamAssassin::Conf;
-use Mail::SpamAssassin::Util;
+use Mail::SpamAssassin::Util qw(untaint_var);
use Mail::SpamAssassin::Logger;

use vars qw{
@@ -1896,12 +1896,18 @@
my $redirector_patterns = $self->{conf}->{redirector_patterns};

my ($rulename, $pat, @uris);
- local ($_);
-
my $text;

- for (@$textary) {
- # NOTE: do not modify $_ in this loop
+ for my $entry (@$textary) {
+
+ # a workaround for [perl #69973] bug:
+ # Invalid and tainted utf-8 char crashes perl 5.10.1 in regexp evaluation
+ # Bug 6225, regexp and string should both be utf8, or none of them;
+ # untainting string also seems to avoid the crash
+ #
+ # Bug 6225: untaint the string in an attempt to work around a perl crash
+ local $_ = untaint_var($entry);
+
while (/$tbirdurire/igo) {
my $rawuri = $1||$2||$3;
$rawuri =~ s/(^[^(]*)\).*$/$1/; # as per ThunderBird, ) is an end delimiter if there is no ( preceeding it

SpamAssassin commits RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.