From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api] ruledb: match field: improve handling of invalid regular expressions
Date: Fri, 14 Apr 2023 11:14:58 +0200 [thread overview]
Message-ID: <20230414091458.1517612-1-d.csapak@proxmox.com> (raw)
by not saving them in the first place if they die during execution.
We test this by using them once on an empty string.
Since users may have saved already invalid ones, only warn if we encounter
such a regex in 'parse_entity' during execution instead of die'ing. Otherwise
pmg-smtp-filter will exit and restart, possibly leading to wrongly denying
mails (and possibly sending out NDRs) before spam checking was done.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
src/PMG/RuleDB/MatchField.pm | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/src/PMG/RuleDB/MatchField.pm b/src/PMG/RuleDB/MatchField.pm
index 2b56058..177a283 100644
--- a/src/PMG/RuleDB/MatchField.pm
+++ b/src/PMG/RuleDB/MatchField.pm
@@ -69,7 +69,13 @@ sub save {
defined($self->{ogroup}) || die "undefined ogroup: ERROR";
- my $new_value = "$self->{field}:$self->{field_value}";
+ my $regex = $self->{field_value};
+
+ # test regex for validity
+ eval { "" =~ /$regex/i; };
+ die "invalid regex: $@\n" if $@;
+
+ my $new_value = "$self->{field}:$regex";
$new_value =~ s/\\/\\\\/g;
$new_value = encode('UTF-8', $new_value);
@@ -111,9 +117,12 @@ sub parse_entity {
my $decvalue = PMG::Utils::decode_rfc1522($value);
$decvalue = PMG::Utils::try_decode_utf8($decvalue);
- if ($decvalue =~ m|$self->{field_value}|i) {
- push @$res, $id;
- }
+ eval {
+ if ($decvalue =~ m|$self->{field_value}|i) {
+ push @$res, $id;
+ }
+ };
+ warn "invalid regex: $@\n" if $@;
}
}
--
2.30.2
next reply other threads:[~2023-04-14 9:15 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-14 9:14 Dominik Csapak [this message]
2023-04-14 10:12 ` Mira Limbeck
2023-05-17 10:11 ` [pmg-devel] applied: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230414091458.1517612-1-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox