Problems with UTF8 and docx (???)
Mark Martinec
Mark.Martinec+amavis at ijs.si
Fri Apr 1 17:39:28 CEST 2011
for the archive:
> I have problems repeating the issue
> as it does not happen with all documents.
Jakob provided me (offlist) with the debug log, which revealed the problem.
Below is a patch for 2.7.0-pre14. An equivalent patch was included
in the 2.6.5-rc1 (except that I forgot to add the 'untaint' into the
import Amavis::Util list, which I'll fix in 2.6.5-rc2).
Will wrap another 2.7.0-pre* soon to include this fix.
Here is a release notes entry:
- provided a workaround for a [perl #62048] bug affecting versions of perl
older than (approx) 5.12.3, when a banning check is using rules in
$banned_namepath_re and a lookup_re() could abort with an:
Unwarranted "Malformed UTF-8 character"
on certain tainted mail part names (with a valid UTF-8 representation);
--- amavisd~ 2011-02-02 22:11:30.000000000 +0100
+++ amavisd 2011-04-01 17:31:45.310742469 +0200
@@ -8181,5 +8181,5 @@
@ISA = qw(Exporter);
@EXPORT_OK = qw(&check_header_validity &check_for_banned_names);
- import Amavis::Util qw(ll do_log min max minmax sanitize_str);
+ import Amavis::Util qw(ll do_log min max minmax untaint sanitize_str);
import Amavis::Conf qw(:platform %banned_rules c cr ca);
import Amavis::Lookup qw(lookup lookup2);
@@ -8412,5 +8412,11 @@
if (ref $bnpre && grep(!$_->{result}, @recip_tables)) { # any non-true?
# try new style: banned_namepath_re; it is global, not per-recipient
- my($result,$matchingkey) = lookup2(0, join("\n", at descr), [$bnpre],
+ my $descr_str = join("\n", at descr);
+ if ($] < 5.012003) {
+ # avoid a [perl #62048] bug in lookup_re():
+ # Unwarranted "Malformed UTF-8 character" on tainted variable
+ $descr_str = untaint($descr_str);
+ }
+ my($result,$matchingkey) = lookup2(0, $descr_str, [$bnpre],
Label=>'banned_namepath_re');
if (defined $result) {
Mark
More information about the amavis-users
mailing list