From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Wed, 3 Jun 2020 10:26:33 +0000 (+0100)
Subject: [Minor] Fix corner case in html escaping
X-Git-Tag: 2.6~360
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=7eb8a6f85cc1c65e4b5a83a8c0ef65cb4087e292;p=rspamd.git

[Minor] Fix corner case in html escaping
---

diff --git a/src/libserver/html.c b/src/libserver/html.c
index b916019d9..16f108ecf 100644
--- a/src/libserver/html.c
+++ b/src/libserver/html.c
@@ -349,7 +349,12 @@ rspamd_html_decode_entitles_inplace (gchar *s, gsize len)
 	gchar *t = s, *h = s, *e = s, *end_ptr, old_c;
 	const gchar *end;
 	const gchar *entity;
-	gboolean seen_hash = FALSE, seen_digit_only = FALSE, seen_hex = FALSE;
+	gboolean seen_hash = FALSE, seen_hex = FALSE;
+	enum {
+		do_undefined,
+		do_digits_only,
+		do_mixed,
+	} seen_digit_only;
 	gint state = 0, base;
 	UChar32 uc;
 	khiter_t k;
@@ -371,7 +376,7 @@ rspamd_html_decode_entitles_inplace (gchar *s, gsize len)
 				state = 1;
 				seen_hash = FALSE;
 				seen_hex = FALSE;
-				seen_digit_only = FALSE;
+				seen_digit_only = do_undefined;
 				e = h;
 				h++;
 				continue;
@@ -520,17 +525,18 @@ decode_entity:
 					h ++;
 				}
 			}
-			else if (g_ascii_isdigit (*h) || (seen_hex && g_ascii_isxdigit (*h))) {
-				seen_digit_only = TRUE;
+			else if (seen_digit_only != do_mixed &&
+				(g_ascii_isdigit (*h) || (seen_hex && g_ascii_isxdigit (*h)))) {
+				seen_digit_only = do_digits_only;
 			}
 			else {
-				if (seen_digit_only && seen_hash && h > e) {
+				if (seen_digit_only == do_digits_only && seen_hash && h > e) {
 					/* We have seen some digits, so we can try to decode, eh */
 					/* Fuck retarded email clients... */
 					goto decode_entity;
 				}
 
-				seen_digit_only = FALSE;
+				seen_digit_only = do_mixed;
 			}
 
 			h++;