Posted to commits@spamassassin.apache.org by jm...@apache.org on 2005/12/01 03:13:35 UTC

svn commit: r350103 - in /spamassassin/branches/3.1: lib/Mail/SpamAssassin/Conf/Parser.pm t/regexp_valid.t

Author: jm
Date: Wed Nov 30 18:13:32 2005
New Revision: 350103

URL: http://svn.apache.org/viewcvs?rev=350103&view=rev
Log:
bug 4700: certain privileged configuration settings can inject code, due to a bad fix for bug 3846.  Back that out

Modified:
    spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm
    spamassassin/branches/3.1/t/regexp_valid.t

Modified: spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm?rev=350103&r1=350102&r2=350103&view=diff
==============================================================================
--- spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm (original)
+++ spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm Wed Nov 30 18:13:32 2005
@@ -907,12 +907,7 @@
   # security of the regexp.  simply using ("" =~ $re) will NOT do that, and
   # will therefore open a hole!
   if (eval { ("" =~ m#${re}#); 1; }) {
-
-    # now double-check -- try with the user-supplied delimiters as well
-    my $evalstr = '("" =~ '.$safere.'); 1;';
-    if (eval $evalstr) {
-      return 1;
-    }
+    return 1;
   }
 
   my $err = $@;
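Review bot: After this backout, the only validation left in the `if (eval { ("" =~ m#${re}#); 1; })` branch compiles the pattern body under fixed `#` delimiters, so the rule's own delimiters are no longer checked; the `/test//` case that t/regexp_valid.t stops asserting in this same commit is, as far as the hunk shows, now reported as valid. If that case still needs rejecting, do it with a plain string test on the rule text (for example, refuse an unescaped occurrence of the rule's delimiter inside the body), never by evaluating rule text as Perl. I would also extend the comment above the check with `# do NOT string-eval the rule with its own delimiters to re-check it: that executes rule text as Perl (bug 4700)` so the removed double-check is not reintroduced later. The enclosing sub starts and ends outside the hunk, so whether `$safere` is still used elsewhere cannot be seen here; if it is not, its computation should be removed as well.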

Modified: spamassassin/branches/3.1/t/regexp_valid.t
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/t/regexp_valid.t?rev=350103&r1=350102&r2=350103&view=diff
==============================================================================
--- spamassassin/branches/3.1/t/regexp_valid.t (original)
+++ spamassassin/branches/3.1/t/regexp_valid.t Wed Nov 30 18:13:32 2005
@@ -20,7 +20,7 @@
 use Test;
 
 # settings
-plan tests => 25;
+plan tests => 24;
 
 # initialize SpamAssassin
 use Mail::SpamAssassin;
@@ -88,7 +88,7 @@
 
 ok badone '/foo(?{1})bar/';
 ok badone 'm!foo(?{1})bar!';
-ok badone '/test//';
+# ok badone '/test//';          # removed for bug 4700
 ok goodone '.*';
 ok goodone 'm*<a[^<]{0,60} onMouseMove=(?:3D)?"window.status=(?:3D)?\'https?://*';