Posted to commits@spamassassin.apache.org by jm...@apache.org on 2005/12/01 03:13:35 UTC
svn commit: r350103 - in /spamassassin/branches/3.1:
lib/Mail/SpamAssassin/Conf/Parser.pm t/regexp_valid.t
Author: jm
Date: Wed Nov 30 18:13:32 2005
New Revision: 350103
URL: http://svn.apache.org/viewcvs?rev=350103&view=rev
Log:
bug 4700: certain privileged configuration settings can inject code, due to a bad fix for bug 3846. Back that out
Modified:
spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm
spamassassin/branches/3.1/t/regexp_valid.t
Modified: spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm?rev=350103&r1=350102&r2=350103&view=diff
==============================================================================
--- spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm (original)
+++ spamassassin/branches/3.1/lib/Mail/SpamAssassin/Conf/Parser.pm Wed Nov 30 18:13:32 2005
@@ -907,12 +907,7 @@
# security of the regexp. simply using ("" =~ $re) will NOT do that, and
# will therefore open a hole!
if (eval { ("" =~ m#${re}#); 1; }) {
-
- # now double-check -- try with the user-supplied delimiters as well
- my $evalstr = '("" =~ '.$safere.'); 1;';
- if (eval $evalstr) {
- return 1;
- }
+ return 1;
}
my $err = $@;
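Review bot: After this change the block `eval { ("" =~ m#${re}#); 1; }` is the only validity check left, and it compiles just the pattern body under fixed `#` delimiters, so the delimiters the rule author supplied are no longer verified at all. A body containing its own delimiter unescaped (the `/test//` case this commit drops from t/regexp_valid.t) now returns 1. If the rule is later compiled together with its original delimiters, which is not visible in this hunk, that case should be rejected here by inspecting the string rather than by evaluating it. At minimum record the gap above `return 1;` with a comment such as `# NOTE: user-supplied delimiters are not verified here; never string-eval the rule text (bug 4700)`. `$safere` may now be unused; the enclosing function starts and ends outside the hunk, so that needs confirming against the full file.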
Modified: spamassassin/branches/3.1/t/regexp_valid.t
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/t/regexp_valid.t?rev=350103&r1=350102&r2=350103&view=diff
==============================================================================
--- spamassassin/branches/3.1/t/regexp_valid.t (original)
+++ spamassassin/branches/3.1/t/regexp_valid.t Wed Nov 30 18:13:32 2005
@@ -20,7 +20,7 @@
use Test;
# settings
-plan tests => 25;
+plan tests => 24;
# initialize SpamAssassin
use Mail::SpamAssassin;
@@ -88,7 +88,7 @@
ok badone '/foo(?{1})bar/';
ok badone 'm!foo(?{1})bar!';
-ok badone '/test//';
+# ok badone '/test//'; # removed for bug 4700
ok goodone '.*';
ok goodone 'm*<a[^<]{0,60} onMouseMove=(?:3D)?"window.status=(?:3D)?\'https?://*';
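Review bot: The `/test//` case is left as commented-out code at `# ok badone '/test//'; # removed for bug 4700` and nothing replaces it, so the suite no longer records that an unescaped delimiter in the pattern body passes validation, and no test pins the bug 4700 fix itself. Prefer deleting the dead line in favour of a comment that states the known gap, e.g. `# known gap: an unescaped delimiter inside the body is no longer rejected (bug 4700)`. A regression test asserting that the validity check only compiles the pattern and never evaluates the rule text as Perl would keep the backed-out approach from returning. The `plan tests => 24` count in this file's first hunk has to change with whatever is added.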