From 91b2d72df64fc0d30dd18acd85c62cac7b00030c Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Fri, 25 May 2018 16:25:36 +0100
Subject: [Fix] Fix RFC822 comments when processing a mime address

---
 src/libmime/email_addr.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 54 insertions(+), 1 deletion(-)

diff --git a/src/libmime/email_addr.c b/src/libmime/email_addr.c
index 08071afc8..a0ad9ac19 100644
--- a/src/libmime/email_addr.c
+++ b/src/libmime/email_addr.c
@@ -203,10 +203,12 @@ rspamd_email_address_from_mime (rspamd_mempool_t *pool,
 	struct rspamd_email_address addr;
 	const gchar *p = hdr, *end = hdr + len, *c = hdr, *t;
 	GString *ns;
+	gint obraces, ebraces;
 	enum {
 		parse_name = 0,
 		parse_quoted,
 		parse_addr,
+		skip_comment,
 		skip_spaces
 	} state = parse_name, next_state = parse_name;
 
@@ -290,6 +292,23 @@ rspamd_email_address_from_mime (rspamd_mempool_t *pool,
 			else if (*p == '@') {
 				seen_at = TRUE;
 			}
+			else if (*p == '(') {
+				if (p > c) {
+					t = p - 1;
+
+					while (t > c && g_ascii_isspace (*t)) {
+						t --;
+					}
+
+					g_string_append_len (ns, c, t - c + 1);
+				}
+
+				c = p;
+				obraces = 1;
+				ebraces = 0;
+				state = skip_comment;
+				next_state = parse_name;
+			}
 			p ++;
 			break;
 		case parse_quoted:
@@ -331,6 +350,12 @@ rspamd_email_address_from_mime (rspamd_mempool_t *pool,
 			else if (*p == '@') {
 				seen_at = TRUE;
 			}
+			else if (*p == '(') {
+				obraces = 1;
+				ebraces = 0;
+				state = skip_comment;
+				next_state = parse_addr;
+			}
 			p ++;
 			break;
 		case skip_spaces:
@@ -342,6 +367,33 @@ rspamd_email_address_from_mime (rspamd_mempool_t *pool,
 				p ++;
 			}
 			break;
+		case skip_comment:
+			if (*p == '(') {
+				obraces ++;
+			}
+			else if (*p == ')') {
+				ebraces --;
+			}
+
+			if (obraces == ebraces) {
+				if (next_state == parse_name) {
+					/* Include comment in name */
+					if (p > c) {
+						t = p - 1;
+
+						while (t > c && g_ascii_isspace (*t)) {
+							t --;
+						}
+
+						g_string_append_len (ns, c, t - c + 1);
+					}
+
+					c = p;
+				}
+				state = next_state;
+			}
+			p ++;
+			break;
 		}
 	}
 
@@ -396,7 +448,8 @@ rspamd_email_address_from_mime (rspamd_mempool_t *pool,
 		}
 		break;
 	case parse_quoted:
-		/* Unfinished quoted string */
+	case skip_comment:
+		/* Unfinished quoted string or a comment */
 		break;
 	default:
 		/* Do nothing */
-- 
cgit v1.2.3