49 lines
1.7 KiB
Plaintext
49 lines
1.7 KiB
Plaintext
Index: bogofilter/src/lexer.c
|
|
===================================================================
|
|
--- bogofilter/src/lexer.c (revision 7029)
|
|
+++ bogofilter/src/lexer.c (revision 7030)
|
|
@@ -329,7 +329,7 @@
|
|
count += cnt;
|
|
|
|
/* Note: some malformed messages can cause xfgetsl() to report
|
|
- ** "Invalid buffer size, exiting." ** and then abort. This
|
|
+ ** "Invalid buffer size, exiting." and then abort. This
|
|
** can happen when the parser is in html mode and there's a
|
|
** leading '<' but no closing '>'.
|
|
**
|
|
@@ -343,9 +343,12 @@
|
|
|
|
if (count >= MAX_TOKEN_LEN * 2 &&
|
|
long_token(buff.t.u.text, (uint) count)) {
|
|
- uint start = buff.t.leng - count;
|
|
- uint length = count - max_token_len;
|
|
- buff_shift(&buff, start, length);
|
|
+ /* Make sure not to shift bytes outside the buffer */
|
|
+ if (buff.t.leng >= (uint) count) {
|
|
+ uint start = buff.t.leng - count;
|
|
+ uint length = count - max_token_len;
|
|
+ buff_shift(&buff, start, length);
|
|
+ }
|
|
count = buff.t.leng;
|
|
}
|
|
else
|
|
Index: bogofilter/NEWS
|
|
===================================================================
|
|
--- bogofilter/NEWS (revision 7029)
|
|
+++ bogofilter/NEWS (revision 7030)
|
|
@@ -15,6 +15,14 @@
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
+ 2015-02-28
|
|
+
|
|
+ * Fix the lexer to not try to delete parts from HTML tokens if it is
|
|
+ reading garbage (for instance, binary files misdeclared as HTML).
|
|
+ This was exposed on Fedora 20 and 21 but not Ubuntu 14.04 (x86_64),
|
|
+ and is possibly related to its newer flex 2.5.37 that may have
|
|
+ changed the way it uses yyinput() a bit. Reported by Matt Garretson.
|
|
+
|
|
2015-02-25
|
|
|
|
* Fix the lexer to handle MIME multipart messages properly when the
|