You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by jh...@apache.org on 2017/11/20 20:52:39 UTC

svn commit: r1815853 - /spamassassin/trunk/lib/Mail/SpamAssassin/HTML.pm

Author: jhardin
Date: Mon Nov 20 20:52:39 2017
New Revision: 1815853

URL: http://svn.apache.org/viewvc?rev=1815853&view=rev
Log:
Bug 7437 - fix issues with parsing a message having an unclosed HTML <style> and <script> tag (e.g. due to spamc size limits)

Modified:
    spamassassin/trunk/lib/Mail/SpamAssassin/HTML.pm

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/HTML.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/HTML.pm?rev=1815853&r1=1815852&r2=1815853&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/HTML.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/HTML.pm Mon Nov 20 20:52:39 2017
@@ -260,9 +260,10 @@ sub parse {
   }
   $self->SUPER::parse($text);
 
-  # bug 7437: deal gracefully with HTML::Parser misbehavior on unclosed <style> tag
+  # bug 7437: deal gracefully with HTML::Parser misbehavior on unclosed <style> and <script> tags
   # (typically from not passing the entire message to spamc, but possibly a DoS attack)
   $self->SUPER::parse("</style>") while exists $self->{inside}{style} && $self->{inside}{style} > 0;
+  $self->SUPER::parse("</script>") while exists $self->{inside}{script} && $self->{inside}{script} > 0;
 
   $self->SUPER::eof;