https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6213
Summary: parsing of eval-type rules: allow unquoted domain
names, disallow unmatched quotes
Product: Spamassassin
Version: 3.3.0
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Libraries
AssignedTo: [email protected]
ReportedBy: [email protected]
Instead of re-opening Bug 4419, here is a new entry.
Conf::Parser::pack_eval_method currently uses the following regexp:
s/^\s*(?:['"](.*?)['"]|([\d\.:A-Za-z]+?))\s*(?:,\s*|$)//
1. The above allows most domain names to be given as arguments to eval rule
in unquoted form, except for domains with dashes. I propose we also allow
a minus in the character set, so that one can do:
full T9 eval:check_dkim_valid(gmail.com, cc.yahoo-inc.com, yahoo.com)
instead of:
full T9 eval:check_dkim_valid(gmail.com, 'cc.yahoo-inc.com', yahoo.com)
2. The current regexp allows argument with mismatched quotes like
'foo.com", and does now make it possible to specify a ' or " within
the quoted argument, e.g. "foo',bar" or 'foo",bar'.
Here is a proposed change to deal with both:
<<<
while ($args =~ s/^\s*(?:['"](.*?)['"]|([\d\.:A-Za-z]+?))\s*(?:,\s*|$)//) {
if (defined $1) {
push @args, $1;
}
else {
push @args, $2;
}
}
>>>
local($1,$2,$3);
while ($args =~ s/^\s* (?: (['"]) (.*?) \1 | ( [\d\.:A-Za-z-]+? ) )
\s* (?: , \s* | $ )//x) {
if (defined $2) {
push @args, $2;
}
else {
push @args, $3;
}
}
--
Configure bugmail:
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
