From b15da9ccc9c1311db5fb6d78203808ef10a227f8 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@rspamd.com>
Date: Tue, 14 Oct 2025 15:38:39 +0100
Subject: [PATCH] [Fix] Use null-terminated string for symbol lookup in
 composite dependency analysis

In composite_dep_callback, atom->begin from rspamd_ftok_t is not null-terminated,
but was being passed directly to symbol_needs_second_pass() which calls
rspamd_symcache_get_symbol_flags() expecting a null-terminated C string.

This could cause incorrect symbol lookups or undefined behavior. Fix by creating
a std::string to ensure null-termination before passing to the C API.
---
 src/libserver/composites/composites_manager.cxx | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/libserver/composites/composites_manager.cxx b/src/libserver/composites/composites_manager.cxx
index cc340be4c2..c1bc1d94a2 100644
--- a/src/libserver/composites/composites_manager.cxx
+++ b/src/libserver/composites/composites_manager.cxx
@@ -383,9 +383,11 @@ composite_dep_callback(const rspamd_ftok_t *atom, gpointer ud)
 	}
 
 	/* Check if the symbol itself needs second pass */
-	if (symbol_needs_second_pass(cfg, atom->begin)) {
-		msg_debug_config("composite depends on second-pass symbol: %*s",
-						 (int) atom->len, atom->begin);
+	/* Create null-terminated string for C API (rspamd_ftok_t is not null-terminated) */
+	std::string symbol_name(atom->begin, atom->len);
+	if (symbol_needs_second_pass(cfg, symbol_name.c_str())) {
+		msg_debug_config("composite depends on second-pass symbol: %s",
+						 symbol_name.c_str());
 		cbd->needs_second_pass = true;
 	}
 }
-- 
2.47.3