From: Vsevolod Stakhov <vsevolod@rspamd.com>
Date: Sun, 5 Oct 2025 16:21:09 +0000 (+0100)
Subject: [Minor] Add NULL check in hash_html_features for safety
X-Git-Tag: 3.14.0~87^2~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c9656ba9e01ffb427437c2724c0886b015225de7;p=thirdparty%2Frspamd.git

[Minor] Add NULL check in hash_html_features for safety

Add explicit NULL check for html_content pointer in hash_html_features()
to prevent potential undefined behavior. While features are initialized by
the HTML parser and checked in rspamd_shingles_from_html(), this provides
an additional safety layer against unexpected function calls.
---

diff --git a/src/libutil/shingles_html.cxx b/src/libutil/shingles_html.cxx
index 6a6e6cd806..33dc44ca91 100644
--- a/src/libutil/shingles_html.cxx
+++ b/src/libutil/shingles_html.cxx
@@ -287,6 +287,11 @@ hash_html_features(html_content *hc, const unsigned char key[16])
 	unsigned char digest[rspamd_cryptobox_HASHBYTES];
 	uint64_t result;
 
+	if (!hc) {
+		/* Return zero hash for NULL input */
+		return 0;
+	}
+
 	rspamd_cryptobox_hash_init(&st, key, 16);
 
 	/* Bucket numeric features for stability */
@@ -295,6 +300,7 @@ hash_html_features(html_content *hc, const unsigned char key[16])
 	static const int depth_buckets[] = {5, 10, 15, 20, 30};
 	static const int images_buckets[] = {1, 5, 10, 20, 50};
 
+	/* Access features with safe defaults (0 if uninitialized) */
 	uint8_t tags_bucket = bucket_value(hc->features.tags_count, tags_buckets, G_N_ELEMENTS(tags_buckets));
 	uint8_t links_bucket = bucket_value(hc->features.links.total_links, links_buckets, G_N_ELEMENTS(links_buckets));
 	uint8_t depth_bucket = bucket_value(hc->features.max_dom_depth, depth_buckets, G_N_ELEMENTS(depth_buckets));