From 989b808302248f1f8a51724984fdfa97925f5e21 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Sun, 9 Apr 2017 11:01:50 +0100
Subject: [Minor] More strict boundaries checks and composites policies fix

---
 src/libserver/cfg_rcl.c             | 17 +++++++++--------
 src/libserver/html.c                |  4 ++--
 src/libstat/tokenizers/tokenizers.c |  2 ++
 3 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/src/libserver/cfg_rcl.c b/src/libserver/cfg_rcl.c
index 87b2dd0fa..1e13f6a56 100644
--- a/src/libserver/cfg_rcl.c
+++ b/src/libserver/cfg_rcl.c
@@ -1480,14 +1480,6 @@ rspamd_rcl_composite_handler (rspamd_mempool_t *pool,
 		rspamd_mempool_alloc0 (cfg->cfg_pool, sizeof (struct rspamd_composite));
 	composite->expr = expr;
 	composite->id = g_hash_table_size (cfg->composite_symbols);
-	g_hash_table_insert (cfg->composite_symbols,
-		(gpointer)composite_name,
-		composite);
-
-	if (new) {
-		rspamd_symbols_cache_add_symbol (cfg->cache, composite_name, 0,
-			NULL, NULL, SYMBOL_TYPE_COMPOSITE, -1);
-	}
 
 	val = ucl_object_lookup (obj, "score");
 	if (val != NULL && ucl_object_todouble_safe (val, &score)) {
@@ -1537,6 +1529,15 @@ rspamd_rcl_composite_handler (rspamd_mempool_t *pool,
 		}
 	}
 
+	g_hash_table_insert (cfg->composite_symbols,
+			(gpointer)composite_name,
+			composite);
+
+	if (new) {
+		rspamd_symbols_cache_add_symbol (cfg->cache, composite_name, 0,
+				NULL, NULL, SYMBOL_TYPE_COMPOSITE, -1);
+	}
+
 	return TRUE;
 }
 
diff --git a/src/libserver/html.c b/src/libserver/html.c
index 00b4e24a5..1e6aa002a 100644
--- a/src/libserver/html.c
+++ b/src/libserver/html.c
@@ -1445,7 +1445,7 @@ rspamd_html_process_url (rspamd_mempool_t *pool, const gchar *start, guint len,
 
 	/* Strip spaces from the url */
 	/* Head spaces */
-	while (g_ascii_isspace (*p) && p < start + len) {
+	while ( p < start + len && g_ascii_isspace (*p)) {
 		p ++;
 		start ++;
 		len --;
@@ -1459,7 +1459,7 @@ rspamd_html_process_url (rspamd_mempool_t *pool, const gchar *start, guint len,
 	/* Trailing spaces */
 	p = start + len - 1;
 
-	while (g_ascii_isspace (*p) && p >= start) {
+	while (p >= start && g_ascii_isspace (*p)) {
 		p --;
 		len --;
 
diff --git a/src/libstat/tokenizers/tokenizers.c b/src/libstat/tokenizers/tokenizers.c
index e165a4341..e9a9ce9b9 100644
--- a/src/libstat/tokenizers/tokenizers.c
+++ b/src/libstat/tokenizers/tokenizers.c
@@ -304,8 +304,10 @@ rspamd_tokenize_text (gchar *text, gsize len, gboolean is_utf,
 
 	buf.begin = text;
 	buf.len = len;
+	buf.flags = 0;
 	token.begin = NULL;
 	token.len = 0;
+	token.flags = 0;
 
 	if (compat || !is_utf) {
 		func = rspamd_tokenizer_get_word_compat;
-- 
cgit v1.2.3