aboutsummaryrefslogtreecommitdiffstats
path: root/src/fuzzy_storage.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/fuzzy_storage.c')
-rw-r--r--src/fuzzy_storage.c30
1 files changed, 24 insertions, 6 deletions
diff --git a/src/fuzzy_storage.c b/src/fuzzy_storage.c
index 919ea2118..d6836df3b 100644
--- a/src/fuzzy_storage.c
+++ b/src/fuzzy_storage.c
@@ -342,7 +342,7 @@ ucl_keymap_fin_cb(struct map_cb_data *data, void **target)
return;
}
- parser = ucl_parser_new(UCL_PARSER_NO_FILEVARS);
+ parser = ucl_parser_new(UCL_PARSER_SAFE_FLAGS);
if (!ucl_parser_add_chunk(parser, jb->buf->str, jb->buf->len)) {
msg_err_config("cannot load ucl data: parse error %s",
@@ -1305,7 +1305,7 @@ rspamd_fuzzy_check_callback(struct rspamd_fuzzy_reply *result, void *ud)
{
/* Start lua post handler */
lua_State *L = session->ctx->cfg->lua_state;
- int err_idx, ret, nargs = 9;
+ int err_idx, ret, nargs = 10;
lua_pushcfunction(L, &rspamd_lua_traceback);
err_idx = lua_gettop(L);
@@ -1339,7 +1339,9 @@ rspamd_fuzzy_check_callback(struct rspamd_fuzzy_reply *result, void *ud)
/* We push shingles merely for commands that modify content to avoid extra work */
if (is_shingle && cmd->cmd != FUZZY_CHECK) {
lua_newshingle(L, &session->cmd.sgl);
- nargs++;
+ }
+ else {
+ lua_pushnil(L);
}
if ((ret = lua_pcall(L, nargs, LUA_MULTRET, err_idx)) != 0) {
@@ -1384,6 +1386,20 @@ rspamd_fuzzy_check_callback(struct rspamd_fuzzy_reply *result, void *ud)
}
}
+ /* Check if the returned hash from fuzzy matching should be skipped */
+ if (session->ctx->skip_hashes && result->v1.value > 0) {
+ char hexbuf[sizeof(result->digest) * 2 + 1];
+ rspamd_encode_hex_buf(result->digest, sizeof(result->digest),
+ hexbuf, sizeof(hexbuf) - 1);
+ hexbuf[sizeof(hexbuf) - 1] = '\0';
+
+ if (rspamd_match_hash_map(session->ctx->skip_hashes,
+ hexbuf, sizeof(hexbuf) - 1)) {
+ result->v1.value = 401;
+ result->v1.prob = 0.0f;
+ }
+ }
+
if (!isnan(session->ctx->delay) &&
rspamd_match_radix_map_addr(session->ctx->delay_whitelist,
session->addr) == NULL) {
@@ -1505,7 +1521,7 @@ rspamd_fuzzy_process_command(struct fuzzy_session *session)
{
/* Start lua pre handler */
lua_State *L = session->ctx->cfg->lua_state;
- int err_idx, ret, nargs = 7;
+ int err_idx, ret, nargs = 8;
lua_pushcfunction(L, &rspamd_lua_traceback);
err_idx = lua_gettop(L);
@@ -1527,7 +1543,9 @@ rspamd_fuzzy_process_command(struct fuzzy_session *session)
/* We push shingles merely for commands that modify content to avoid extra work */
if (is_shingle && cmd->cmd != FUZZY_CHECK) {
lua_newshingle(L, &session->cmd.sgl);
- nargs++;
+ }
+ else {
+ lua_pushnil(L);
}
/* Flag and value */
@@ -2661,7 +2679,7 @@ rspamd_fuzzy_maybe_load_ratelimits(struct rspamd_fuzzy_storage_ctx *ctx)
RSPAMD_DBDIR);
if (access(path, R_OK) != -1) {
- struct ucl_parser *parser = ucl_parser_new(UCL_PARSER_NO_IMPLICIT_ARRAYS | UCL_PARSER_DISABLE_MACRO);
+ struct ucl_parser *parser = ucl_parser_new(UCL_PARSER_SAFE_FLAGS);
if (ucl_parser_add_file(parser, path)) {
ucl_object_t *obj = ucl_parser_get_object(parser);
int loaded = 0;
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-04 03:29:57 +0000