You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/03/28 00:14:38 UTC
[Bug 4843] New: Possible bug in SA's URI parsing
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
Summary: Possible bug in SA's URI parsing
Product: Spamassassin
Version: 3.1.1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: Plugins
AssignedTo: dev@spamassassin.apache.org
ReportedBy: hutchib@cscoe.accenture.com
The attached iCalendar file was part of a message that triggered the
URIBL_WS_SURBL rule:
2.1 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: brain.com]
The actual domain in the .ics file is "workbrain.com", but "brain.com" is also
parsed by SpamAssassin's URI parsing, as a result of these problem lines ("cat
-vet" output):
Inc.\N000.000.0000 Office\N000.000.0000 Cell\NAAAAAAA@work$
brain.com\N \N <http://www.workbrain.com/> <<ole1.bmp>> Enterprise soluti$
Note: In the attached .ics file, I replaced "A" and "0" with any potentially
sensitive character or number. Otherwise, the file is completely intact.
Is this a bug with the URI parser, or just an unfortunate problem with .ics files?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
------- Additional Comments From jm@jmason.org 2006-03-28 11:05 -------
if common MUAs do not display the text/calendar parts inline, I'm +1 on ignoring it.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
------- Additional Comments From felicity@apache.org 2006-08-13 00:18 -------
Created an attachment (id=3640)
--> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3640&action=view)
suggested patch
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
------- Additional Comments From hutchib@cscoe.accenture.com 2006-03-27 23:17 -------
Created an attachment (id=3435)
--> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3435&action=view)
Triggers "URIBL_WS_SURBL". Note how SA's URI parsing finds ccenture.com and
brain.com.
Triggers "URIBL_WS_SURBL". Run through "spamassassin -D -t <
sanitized_ics_file" to see it parse "centure.com" and "brain.com".
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] [review] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
felicity@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Possible bug in SA's URI |[review] Possible bug in
|parsing |SA's URI parsing
Status Whiteboard| |needs 2 votes
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
------- Additional Comments From spamassassin@dostech.ca 2006-03-30 06:08 -------
Ditto. Checking text/anything that isn't displayed inline is bound to cause
problems.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
------- Additional Comments From felicity@apache.org 2006-03-27 23:38 -------
Hrm. Part of me wants to say "worksforme" since the text is parsed appropriately imo. The other part of
me says that we probably ought to skip text/calendar parts when finding the parts to render.
I don't think MUAs generally display the text/calendar parts inline, and I have 0 spam mails in my corpus
which include a text/calendar part (checked Feb and Mar).
What are other people's thoughts?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
felicity@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|Undefined |3.1.5
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] [review] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
felicity@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From felicity@apache.org 2006-08-20 21:19 -------
Sending lib/Mail/SpamAssassin/Message.pm
Transmitting file data .
Committed revision 433052.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] [review] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
felicity@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3640 is|0 |1
obsolete| |
------- Additional Comments From felicity@apache.org 2006-08-16 03:38 -------
Created an attachment (id=3654)
--> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3654&action=view)
suggested patch 2
hrm. I was just noticing that the last patch wasn't quite right. :(
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] [review] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
sidney@sidney.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status Whiteboard|needs 2 votes |ready for commit
------- Additional Comments From sidney@sidney.com 2006-08-20 20:39 -------
+1
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4843] [review] Possible bug in SA's URI parsing
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4843
------- Additional Comments From jm@jmason.org 2006-08-20 19:39 -------
+1
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.