authorVsevolod Stakhov <vsevolod@highsecure.ru>2017-04-07 22:52:55 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2017-04-07 22:52:55 +0100
commit2e5dae850516f923cda3b26492c697a676aa3cdc (patch)
tree9e1c685d5a0f3c3eb89c363e9a6d190cc1c6dc53 /src
parent6691508e4221b4efd89653f0a8ee49996446904e (diff)
[Minor] More bounds checks
Diffstat (limited to 'src')
-rw-r--r--src/libserver/html.c5
-rw-r--r--src/libserver/spf.c7
2 files changed, 9 insertions, 3 deletions
diff --git a/src/libserver/html.c b/src/libserver/html.c
index 175398aa3..00b4e24a5 100644
--- a/src/libserver/html.c
+++ b/src/libserver/html.c
@@ -848,8 +848,9 @@ rspamd_html_url_is_phished (rspamd_mempool_t *pool,
url_text ++;
}
- if (rspamd_url_find (pool, url_text, end - url_text, &url_str, FALSE,
- &url_pos) &&
+ if (end > url_text + 4 &&
+ rspamd_url_find (pool, url_text, end - url_text, &url_str, FALSE,
+ &url_pos) &&
url_str != NULL) {
if (url_pos > 0) {
/*
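Review bot: The new guard `end > url_text + 4` forms the pointer `url_text + 4` before comparing, and when fewer than four bytes remain that pointer lies beyond one past the end of the buffer, which C leaves undefined. Comparing lengths avoids this and also yields false if url_text has moved past end: `if (end - url_text > 4 &&`. The constant 4 is unexplained, so a one-line comment or a named constant stating the minimum text length intended would help the next reader. The loop that advances url_text starts above the hunk, so whether it can overrun end is not visible here.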
diff --git a/src/libserver/spf.c b/src/libserver/spf.c
index dc8e2b36c..fdd4a5136 100644
--- a/src/libserver/spf.c
+++ b/src/libserver/spf.c
@@ -452,6 +452,9 @@ spf_check_ptr_host (struct spf_dns_cb *cb, const char *name)
if (*dend == '.') {
dend--;
}
+ if (nend <= nstart || dend <= dstart) {
+ return FALSE;
+ }
/* Now compare from end to start */
for (;;) {
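Review bot: The added `nend <= nstart || dend <= dstart` guard sits after the trailing-dot strip, which has already read `*dend` (and presumably `*nend` just above the hunk). The end pointers are initialised outside the hunk, but if they are computed as start plus length minus one, an empty name or domain is read one byte before the buffer before this guard can reject it. An emptiness test ahead of that computation would close the gap: `if (name[0] == '\0' || dstart[0] == '\0') { return FALSE; }`. Since `<=` also rejects a one-character name or domain, a comment saying that this is intended would be worth adding.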
@@ -459,6 +462,7 @@ spf_check_ptr_host (struct spf_dns_cb *cb, const char *name)
msg_debug_spf ("ptr records mismatch: %s and %s", dend, nend);
return FALSE;
}
+
if (dend == dstart) {
break;
}
@@ -469,7 +473,8 @@ spf_check_ptr_host (struct spf_dns_cb *cb, const char *name)
nend--;
dend--;
}
- if (nend != nstart && *(nend - 1) != '.') {
+
+ if (nend > nstart && *(nend - 1) != '.') {
/* Not a subdomain */
return FALSE;
}