header checks can take excessive time - a patch for 2.6.4

[Mark Martinec]

Checking header section syntax could take excessive amounts of time
in some degenerate cases of a very long header section. Here is a
patch for amavisd-new-2.6.4.  An equivalent fix for 2.7.0-pre* will
be provided with the next pre-release.

--- amavisd~	2011-01-27 02:48:43.238780803 +0100
+++ amavisd	2011-03-29 02:22:29.433613170 +0200
@@ -6995,27 +6995,29 @@
         $minor_badh_category = max(6, $minor_badh_category);
       }
-    } elsif ($t{'empty'} && $curr_head =~ /^(.*?)^([ \t]+)(?=\n|\z)/gms) {
+    } elsif ($t{'empty'} && $curr_head =~ /^([ \t]+)(?=\n|\z)/gms) {
       $msg1 ="Improper folded header field made up entirely of whitespace";
-      $pre = $1; $mid = $2; $post = substr($curr_head,pos($curr_head));
+      $mid = $1;
       # note: using //g and pos to avoid deep recursion in regexp
       $minor_badh_category = max(4, $minor_badh_category);
     } elsif ($t{'long'} &&
-             $curr_head =~ /^(.*?)^([^\n]{999,})(?=\n|\z)/gms) {
+             $curr_head =~ /^([^\n]{999,})(?=\n|\z)/gms) {
       $msg1 = "Header line longer than 998 characters";
-      $pre = $1; $mid = $2; $post = substr($curr_head,pos($curr_head));
+      $mid = $1;
       $minor_badh_category = max(5, $minor_badh_category);
-    } elsif ($t{'control'} && $curr_head =~ /^(.*?)([\000\015])/gs) {
+    } elsif ($t{'control'} && $curr_head =~ /([\000\015])/gs) {
       $msg1 = "Improper use of control character";
-      $pre = $1; $mid = $2; $post = substr($curr_head,pos($curr_head));
+      $mid = $1;
       $minor_badh_category = max(3, $minor_badh_category);
-    } elsif ($t{'8bit'} && $curr_head =~ /^(.*?)([\200-\377])/gs) {
+    } elsif ($t{'8bit'} && $curr_head =~ /([\200-\377])/gs) {
       $msg1 = "Non-encoded 8-bit data";
-      $pre = $1; $mid = $2; $post = substr($curr_head,pos($curr_head));
+      $mid = $1;
       $minor_badh_category = max(2, $minor_badh_category);
-    } elsif ($t{'8bit'} && $curr_head =~ /^(.*?)([^\000-\377])/gs) {
+    } elsif ($t{'8bit'} && $curr_head =~ /([^\000-\377])/gs) {
       $msg1 = "Non-encoded Unicode character";  # should not happen
-      $pre = $1; $mid = $2; $post = substr($curr_head,pos($curr_head));
+      $mid = $1;
       $minor_badh_category = max(2, $minor_badh_category);
     }
+    $pre = substr($curr_head,0,pos($curr_head)-length($mid))  if !defined $pre;
+    $post = substr($curr_head,pos($curr_head))  if !defined $post;
     if (defined $msg1) {
       chomp($post);


Mark