Razor2.patch - spamassassin - Git at Google

 This information is originally from http://www.ijs.si/software/amavisd/
 (Thanks to amavisd-new, Mark Martinec, and Vivek Khera!)

 If SpamAssassin is running in taint-mode (the default) and is configured to
 call Vipul's Razor 2.22 or higher, then Razor2 checks will fail because the
 Razor2 code is not quite taint-safe.  The problem is still present in 2.36
 and the SpamAssassin developers do not know when or how this will be
 addressed so please don't ask us!

 To apply: cd to the directory /usr/{lib,share}/perl5/.../Razor2 (wherever
 the Client subdirectory is located) and apply the patch directly with:

   patch -p0 < Razor2.patch

 or apply to the Razor2 source tree with:

   patch -p0 -d lib/Razor2 < Razor2.patch

 Please make sure that no unpatched copies of Razor are installed on your
 system.  Sometimes, there is more than one installed copy.

 --- Client/Agent.pm~	Tue Nov 19 16:26:05 2002
 +++ Client/Agent.pm	Sun Sep 21 23:20:47 2003
 @@ -969,6 +969,7 @@
      my @fns;
      if (opendir D,$self->{razorhome}) {
          @fns = map "$self->{razorhome}/$_", grep /^server\.[\S]+\.conf$/, readdir D;
 +        @fns = map { /^(\S+)$/, $1 } @fns; # untaint
          closedir D;
      }
      foreach (@fns) {
 --- Client/Config.pm~	Thu Nov 14 14:47:01 2002
 +++ Client/Config.pm	Sun Sep 21 23:18:52 2003
 @@ -323,9 +323,11 @@
          if ($fn =~ /^(.*)\/([^\/]+)$/) {
              my $dir = $1;
              $fn = readlink $fn;
 +            $fn = $1 if $fn =~ /^(\S+)$/; # untaint readlink
              $fn = "$dir/$fn" unless $fn =~ /^\//;
          } else {
              $fn = readlink $fn;
 +            $fn = $1 if $fn =~ /^(\S+)$/; # untaint readlink
          }
      }
  }
 @@ -366,13 +368,13 @@
          chomp;
          next if /^\s*#/;
          if ($nothash) {
 -            s/^\s+//; s/\s+$//;
 +            next unless s/^\s*(.+?)\s*$/$1/; # untaint
              $conf->{$_} = 7;
              push @lines, $_;
          } else {
              next unless /=/;
 -            my ($attribute, $value) = split /\=/, $_, 2;
 -            $attribute =~ s/^\s+//; $attribute =~ s/\s+$//;
 +            my ($attribute, $value) = /^\s*(.+?)\s*=\s*(.+?)\s*$/; # untaint
 +            next unless (defined $attribute && defined $value);
              $conf->{$attribute} = $self->parse_value($value);
          }
          $total++;
 --- Client/Core.pm~	Wed Nov 13 12:01:10 2002
 +++ Client/Core.pm	Sun Sep 21 23:20:21 2003
 @@ -216,8 +216,10 @@
          foreach $rr ($query->answer) {
              my $pushed = 0;
              if ($rr->type eq "A") {
 -                push @list, $rr->address;
 -                $pushed = 1;
 +                if ($rr->address =~ m/^(\d+\.\d+\.\d+\.\d+)$/) {
 +                    push @list, $1;
 +                    $pushed = 1;
 +                }
              } elsif ($rr->type eq "CNAME") {
                  if ($rr->cname eq 'list.terminator') {
                      pop @list if $pushed;
	This information is originally from http://www.ijs.si/software/amavisd/
	(Thanks to amavisd-new, Mark Martinec, and Vivek Khera!)

	If SpamAssassin is running in taint-mode (the default) and is configured to
	call Vipul's Razor 2.22 or higher, then Razor2 checks will fail because the
	Razor2 code is not quite taint-safe. The problem is still present in 2.36
	and the SpamAssassin developers do not know when or how this will be
	addressed so please don't ask us!

	To apply: cd to the directory /usr/{lib,share}/perl5/.../Razor2 (wherever
	the Client subdirectory is located) and apply the patch directly with:

	patch -p0 < Razor2.patch

	or apply to the Razor2 source tree with:

	patch -p0 -d lib/Razor2 < Razor2.patch

	Please make sure that no unpatched copies of Razor are installed on your
	system. Sometimes, there is more than one installed copy.

	--- Client/Agent.pm~ Tue Nov 19 16:26:05 2002
	+++ Client/Agent.pm Sun Sep 21 23:20:47 2003
	@@ -969,6 +969,7 @@
	my @fns;
	if (opendir D,$self->{razorhome}) {
	@fns = map "$self->{razorhome}/$_", grep /^server\.[\S]+\.conf$/, readdir D;
	+ @fns = map { /^(\S+)$/, $1 } @fns; # untaint
	closedir D;
	}
	foreach (@fns) {
	--- Client/Config.pm~ Thu Nov 14 14:47:01 2002
	+++ Client/Config.pm Sun Sep 21 23:18:52 2003
	@@ -323,9 +323,11 @@
	if ($fn =~ /^(.*)\/([^\/]+)$/) {
	my $dir = $1;
	$fn = readlink $fn;
	+ $fn = $1 if $fn =~ /^(\S+)$/; # untaint readlink
	$fn = "$dir/$fn" unless $fn =~ /^\//;
	} else {
	$fn = readlink $fn;
	+ $fn = $1 if $fn =~ /^(\S+)$/; # untaint readlink
	}
	}
	}
	@@ -366,13 +368,13 @@
	chomp;
	next if /^\s*#/;
	if ($nothash) {
	- s/^\s+//; s/\s+$//;
	+ next unless s/^\s(.+?)\s$/$1/; # untaint
	$conf->{$_} = 7;
	push @lines, $_;
	} else {
	next unless /=/;
	- my ($attribute, $value) = split /\=/, $_, 2;
	- $attribute =~ s/^\s+//; $attribute =~ s/\s+$//;
	+ my ($attribute, $value) = /^\s(.+?)\s=\s(.+?)\s$/; # untaint
	+ next unless (defined $attribute && defined $value);
	$conf->{$attribute} = $self->parse_value($value);
	}
	$total++;
	--- Client/Core.pm~ Wed Nov 13 12:01:10 2002
	+++ Client/Core.pm Sun Sep 21 23:20:21 2003
	@@ -216,8 +216,10 @@
	foreach $rr ($query->answer) {
	my $pushed = 0;
	if ($rr->type eq "A") {
	- push @list, $rr->address;
	- $pushed = 1;
	+ if ($rr->address =~ m/^(\d+\.\d+\.\d+\.\d+)$/) {
	+ push @list, $1;
	+ $pushed = 1;
	+ }
	} elsif ($rr->type eq "CNAME") {
	if ($rr->cname eq 'list.terminator') {
	pop @list if $pushed;