You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2011/05/08 09:00:36 UTC
[Bug 6583] [review] log_message and get_content_preview should print
safe
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6583
Henrik Krohns <he...@hege.li> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|get_content_preview should |[review] log_message and
|be safe |get_content_preview should
| |print safe
--- Comment #4 from Henrik Krohns <he...@hege.li> 2011-05-08 07:00:36 UTC ---
(In reply to comment #3)
> I'm not sure if [:print:] is going to have the same locale problems as lc(), or
> if it'll be fine due to using whatever character set the body was encoded in.
> Looks like there's a simpler fix:
>
> $str =~ s/\P{IsPrint}/?/gs;
Again I'd like to be cautious with introducing untested features.. since
especially old versions of Perl had even crashes with utf8 related things. And
I don't really think we need to care utf8 with my proposal here, we just escape
characters for the sake of readability.
Here's what I propose, atleast for trunk.. if someone really wants to directly
see some high characters like latin special characters or euro symbols let me
know.
Index: PerMsgStatus.pm
===================================================================
--- PerMsgStatus.pm (revision 1100366)
+++ PerMsgStatus.pm (working copy)
@@ -626,6 +626,9 @@
$str = Mail::SpamAssassin::Util::wrap($str, " ", "Content preview: ", 75,
1);
$str =~ s/^Content preview:\s+//gs;
+ # Bug 6583: replace unsafe characters with decimal octets "\000" - "\255"
+ $str =~ s/([\x00-\x09\x0b-\x1f\x7f-\xff])/sprintf("\\%03d",ord($1))/egs;
+
return $str;
}
Index: Logger.pm
===================================================================
--- Logger.pm (revision 1098151)
+++ Logger.pm (working copy)
@@ -174,9 +174,10 @@
# the subclasses having to understand multi-line logs
my $first = 1;
foreach my $line (split(/\n/, $message)) {
- # replace control characters with "_", tabs and spaces get
- # replaced with a single space.
- $line =~ tr/\x09\x20\x00-\x1f/ _/s;
+ # tabs and spaces get replaced with a single space.
+ $line =~ tr/\x09\x20/ /s;
+ # Bug 6583: replace unsafe characters with decimal octets "\000" - "\255"
+ $line =~ s/([\x00-\x09\x0b-\x1f\x7f-\xff])/sprintf("\\%03d",ord($1))/egs;
if ($first) {
$first = 0;
} else {
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.