diff options
| author | Vsevolod Stakhov <vsevolod@rspamd.com> | 2023-05-30 16:14:04 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@rspamd.com> | 2023-05-30 16:14:04 +0100 |
| commit | 04be0f217c3a9f788cfe61a6f6c7296fb7628a52 (patch) | |
| tree | 5f0f843700e384ae129c9c84545424457a20e956 | |
| parent | 72658d4aa6f02d61e61a8a62be1742d3bff6c3e7 (diff) | |
| download | rspamd-04be0f217c3a9f788cfe61a6f6c7296fb7628a52.tar.gz rspamd-04be0f217c3a9f788cfe61a6f6c7296fb7628a52.zip | |
[Fix] Fix parsing of the mask values that are invalid
| -rw-r--r-- | src/libserver/spf.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/src/libserver/spf.c b/src/libserver/spf.c index a422d2819..06352f5db 100644 --- a/src/libserver/spf.c +++ b/src/libserver/spf.c @@ -1458,13 +1458,22 @@ parse_spf_ip4 (struct spf_record *rec, struct spf_addr *addr) } if (slash) { - mask = strtoul (slash + 1, NULL, 10); + gchar *end = NULL; + + mask = strtoul (slash + 1, &end, 10); if (mask > 32) { msg_info_spf ("invalid mask for ip4 element for %s: %s", addr->spf_string, rec->sender_domain); return FALSE; } + if (end != NULL && !g_ascii_isspace(*end) && *end != '\0') { + /* Invalid mask definition */ + msg_info_spf ("invalid mask for ip4 element for %s: %s", addr->spf_string, + rec->sender_domain); + return FALSE; + } + addr->m.dual.mask_v4 = mask; if (mask < min_valid_mask) { @@ -1525,13 +1534,21 @@ parse_spf_ip6 (struct spf_record *rec, struct spf_addr *addr) } if (slash) { - mask = strtoul (slash + 1, NULL, 10); + gchar *end = NULL; + mask = strtoul (slash + 1, &end, 10); if (mask > 128) { msg_info_spf ("invalid mask for ip6 element for %s: %s", addr->spf_string, rec->sender_domain); return FALSE; } + if (end != NULL && !g_ascii_isspace(*end) && *end != '\0') { + /* Invalid mask definition */ + msg_info_spf ("invalid mask for ip4 element for %s: %s", addr->spf_string, + rec->sender_domain); + return FALSE; + } + addr->m.dual.mask_v6 = mask; if (mask < min_valid_mask) { @@ -1823,7 +1840,7 @@ expand_spf_macro (struct spf_record *rec, struct spf_resolved_element *resolved, { const gchar *p, *macro_value = NULL; gchar *c, *new, *tmp, delim = '.'; - gsize len = 0, slen = 0, macro_len = 0; + gsize len = 0, macro_len = 0; gint state = 0, ndelim = 0; gchar ip_buf[64 + 1]; /* cannot use INET6_ADDRSTRLEN as we use ptr lookup */ gboolean need_expand = FALSE, reversed; @@ -1846,7 +1863,6 @@ expand_spf_macro (struct spf_record *rec, struct spf_resolved_element *resolved, len++; } - slen++; p++; break; case 1: @@ -1872,7 +1888,7 @@ expand_spf_macro (struct spf_record *rec, struct spf_resolved_element *resolved, return begin; } p++; - slen++; + break; case 2: /* Read macro name */ @@ -1933,7 +1949,6 @@ expand_spf_macro (struct spf_record *rec, struct spf_resolved_element *resolved, return begin; } p++; - slen++; state = 3; break; case 3: @@ -1943,7 +1958,6 @@ expand_spf_macro (struct spf_record *rec, struct spf_resolved_element *resolved, need_expand = TRUE; } p++; - slen++; break; default: |