From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Wed, 6 Dec 2017 20:25:42 +0000 (+0000)
Subject: [Fix] Check decoded headers sanity (e.g. by excluding \0)
X-Git-Tag: 1.6.6~2^2~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8c2d8d71a6143bac3594fd398605838cca65522;p=thirdparty%2Frspamd.git

[Fix] Check decoded headers sanity (e.g. by excluding \0)

MFH: rspamd-1.6
---

diff --git a/src/libmime/mime_headers.c b/src/libmime/mime_headers.c
index 09c8927192..63568e2300 100644
--- a/src/libmime/mime_headers.c
+++ b/src/libmime/mime_headers.c
@@ -508,6 +508,20 @@ rspamd_mime_header_maybe_save_token (rspamd_mempool_t *pool, GString *out,
 	memcpy (old_charset, new_charset, sizeof (*old_charset));
 }
 
+static void
+rspamd_mime_header_sanity_check (GString *str)
+{
+	gsize i;
+	gchar t;
+
+	for (i = 0; i < str->len; i ++) {
+		t = str->str[i];
+		if (!((t & 0x80) || g_ascii_isgraph (t) || t == ' ')) {
+			str->str[i] = '?';
+		}
+	}
+}
+
 gchar *
 rspamd_mime_header_decode (rspamd_mempool_t *pool, const gchar *in,
 		gsize inlen)
@@ -686,6 +700,7 @@ rspamd_mime_header_decode (rspamd_mempool_t *pool, const gchar *in,
 
 	g_byte_array_free (token, TRUE);
 	g_byte_array_free (decoded, TRUE);
+	rspamd_mime_header_sanity_check (out);
 	ret = g_string_free (out, FALSE);
 	rspamd_mempool_add_destructor (pool, g_free, ret);