From: Vsevolod Stakhov <vsevolod@rspamd.com>
Date: Sat, 15 Nov 2025 15:33:22 +0000 (+0000)
Subject: [Minor] Address review thingies (mostly fp though)
X-Git-Tag: 3.14.1~15^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0f791f94142e81d7d0ac8d9a4ba31919c838a2c5;p=thirdparty%2Frspamd.git

[Minor] Address review thingies (mostly fp though)
---

diff --git a/lualib/lua_url_filter.lua b/lualib/lua_url_filter.lua
index 1e8b0ba2af..c9c08c1b31 100644
--- a/lualib/lua_url_filter.lua
+++ b/lualib/lua_url_filter.lua
@@ -89,6 +89,10 @@ function exports.filter_url_string(url_text, flags)
     at_count = at_count + 1
     -- Adjust found position to be relative to start of url_text
     local absolute_pos = search_from + found - 1
+    -- Defensive check: ensure position is within bounds (should always be true due to url_len check)
+    if absolute_pos > url_len then
+      return exports.REJECT -- Position overflow, should not happen
+    end
     if at_count == 1 then
       first_at_pos = absolute_pos
     end
diff --git a/src/libserver/url.c b/src/libserver/url.c
index ffa1b43196..d93a5c03af 100644
--- a/src/libserver/url.c
+++ b/src/libserver/url.c
@@ -1026,8 +1026,7 @@ out:
 
 /* Forward declaration for Lua consultation */
 static enum rspamd_url_lua_filter_result
-rspamd_url_lua_consult(rspamd_mempool_t *pool,
-					   const char *url_str,
+rspamd_url_lua_consult(const char *url_str,
 					   gsize len,
 					   unsigned int flags,
 					   lua_State *L);
@@ -1219,7 +1218,7 @@ rspamd_web_parse(struct http_parser_url *u, const char *str, gsize len,
 			else if (p - c > max_email_user) {
 				/* Oversized user field - consult Lua filter (fixes #5731) */
 				enum rspamd_url_lua_filter_result lua_decision =
-					rspamd_url_lua_consult(NULL, c, p - c, *flags, (lua_State *) lua_state);
+					rspamd_url_lua_consult(c, p - c, *flags, (lua_State *) lua_state);
 
 				if (lua_decision == RSPAMD_URL_LUA_FILTER_REJECT) {
 					/* REJECT: Lua says this is garbage, abort parsing */
@@ -1243,7 +1242,7 @@ rspamd_web_parse(struct http_parser_url *u, const char *str, gsize len,
 
 				/* Multiple @ signs detected - consult Lua */
 				enum rspamd_url_lua_filter_result lua_decision =
-					rspamd_url_lua_consult(NULL, c, p - c, *flags, (lua_State *) lua_state);
+					rspamd_url_lua_consult(c, p - c, *flags, (lua_State *) lua_state);
 
 				if (lua_decision == RSPAMD_URL_LUA_FILTER_REJECT) {
 					/* REJECT: Too suspicious, abort */
@@ -2228,7 +2227,6 @@ rspamd_url_remove_dots(struct rspamd_url *uri)
 /**
  * Consult Lua filter when C parser encounters suspicious/ambiguous URL patterns
  * This is called DURING parsing when C is unsure how to proceed
- * @param pool Memory pool
  * @param url_str URL string fragment being examined
  * @param len Length of the fragment
  * @param flags Current URL parsing flags
@@ -2236,8 +2234,7 @@ rspamd_url_remove_dots(struct rspamd_url *uri)
  * @return enum rspamd_url_lua_filter_result
  */
 static enum rspamd_url_lua_filter_result
-rspamd_url_lua_consult(rspamd_mempool_t *pool,
-					   const char *url_str,
+rspamd_url_lua_consult(const char *url_str,
 					   gsize len,
 					   unsigned int flags,
 					   lua_State *L)