From fb61b5b841d252855f292c5f9de7d2c71cadc953 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Sat, 16 Nov 2019 12:12:05 +0000
Subject: [PATCH] [Minor] Validate symbols options

---
 src/libmime/scan_result.c | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/src/libmime/scan_result.c b/src/libmime/scan_result.c
index 2ffe6e7ff..7b1acd3e9 100644
--- a/src/libmime/scan_result.c
+++ b/src/libmime/scan_result.c
@@ -21,6 +21,7 @@
 #include "lua/lua_common.h"
 #include "libserver/cfg_file_private.h"
 #include "libmime/scan_result_private.h"
+#include "contrib/fastutf8/fastutf8.h"
 #include <math.h>
 #include "contrib/uthash/utlist.h"
 
@@ -516,7 +517,8 @@ rspamd_task_add_result_option (struct rspamd_task *task,
 {
 	struct rspamd_symbol_option *opt;
 	gboolean ret = FALSE;
-	gchar *opt_cpy;
+	gchar *opt_cpy = NULL;
+	gsize vlen;
 	khiter_t k;
 	gint r;
 
@@ -525,6 +527,14 @@ rspamd_task_add_result_option (struct rspamd_task *task,
 			s->options = kh_init (rspamd_options_hash);
 		}
 
+		vlen = strlen (val);
+
+		if (!rspamd_fast_utf8_validate (val, vlen)) {
+			opt_cpy = rspamd_str_make_utf_valid (val, vlen, &vlen,
+					task->task_pool);
+			val = opt_cpy;
+		}
+
 		if (!(s->sym && (s->sym->flags & RSPAMD_SYMBOL_FLAG_ONEPARAM)) &&
 				kh_size (s->options) < task->cfg->default_max_shots) {
 			/* Append new options */
@@ -532,7 +542,11 @@ rspamd_task_add_result_option (struct rspamd_task *task,
 
 			if (k == kh_end (s->options)) {
 				opt = rspamd_mempool_alloc0 (task->task_pool, sizeof (*opt));
-				opt_cpy = rspamd_mempool_strdup (task->task_pool, val);
+
+				if (opt_cpy == NULL) {
+					opt_cpy = rspamd_mempool_strdup (task->task_pool, val);
+				}
+
 				k = kh_put (rspamd_options_hash, s->options, opt_cpy, &r);
 
 				kh_value (s->options, k) = opt;
@@ -544,7 +558,11 @@ rspamd_task_add_result_option (struct rspamd_task *task,
 		}
 		else {
 			opt = rspamd_mempool_alloc0 (task->task_pool, sizeof (*opt));
-			opt_cpy = rspamd_mempool_strdup (task->task_pool, val);
+
+			if (opt_cpy == NULL) {
+				opt_cpy = rspamd_mempool_strdup (task->task_pool, val);
+			}
+
 			k = kh_put (rspamd_options_hash, s->options, opt_cpy, &r);
 
 			kh_value (s->options, k) = opt;
-- 
2.39.5