From aba8792c8a82ef52a3188ee7295e501ca21dae3b Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 26 Aug 2009 12:57:06 +0200 Subject: bugfix: message sanitation had some issues - control character DEL was not properly escaped - NUL and LF characters were not properly stripped if no control character replacement was to be done - NUL characters in the message body were silently dropped (this was a regeression introduced by some of the recent optimizations) --- runtime/msg.h | 17 +++++++++++++++++ runtime/parser.c | 16 ++++++++++++---- 2 files changed, 29 insertions(+), 4 deletions(-) (limited to 'runtime') diff --git a/runtime/msg.h b/runtime/msg.h index 0b346f7b..3a02365b 100644 --- a/runtime/msg.h +++ b/runtime/msg.h @@ -192,6 +192,23 @@ uchar *propIDToName(propid_t propID); extern void (*funcMsgPrepareEnqueue)(msg_t *pMsg); #define MsgPrepareEnqueue(pMsg) funcMsgPrepareEnqueue(pMsg) + +/* ------------------------------ some inline functions ------------------------------ */ + +/* set raw message size. This is needed in some cases where a trunctation is necessary + * but the raw message must not be newly set. The most important (and currently only) + * use case is if we remove trailing LF or NUL characters. Note that the size can NOT + * be extended, only shrunk! + * rgerhards, 2009-08-26 + */ +static inline void +MsgSetRawMsgSize(msg_t *pMsg, size_t newLen) +{ + assert(newLen <= (size_t) pMsg->iLenRawMsg); + pMsg->iLenRawMsg = newLen; +} + + #endif /* #ifndef MSG_H_INCLUDED */ /* vim:set ai: */ diff --git a/runtime/parser.c b/runtime/parser.c index a2538fa3..db11ac5b 100644 --- a/runtime/parser.c +++ b/runtime/parser.c @@ -163,6 +163,7 @@ sanitizeMessage(msg_t *pMsg) size_t iDst; size_t iMaxLine; size_t maxDest; + bool bUpdatedLen = FALSE; uchar szSanBuf[32*1024]; /* buffer used for sanitizing a string */ assert(pMsg != NULL); @@ -177,6 +178,7 @@ sanitizeMessage(msg_t *pMsg) /* remove NUL character at end of message (see comment in function header) */ if(pszMsg[lenMsg-1] == '\0') { DBGPRINTF("dropped NUL at very end of message\n"); + bUpdatedLen = TRUE; lenMsg--; } @@ -187,6 +189,7 @@ sanitizeMessage(msg_t *pMsg) */ if(bDropTrailingLF && pszMsg[lenMsg-1] == '\n') { DBGPRINTF("dropped LF at very end of message (DropTrailingLF is set)\n"); + bUpdatedLen = TRUE; lenMsg--; } @@ -197,7 +200,7 @@ sanitizeMessage(msg_t *pMsg) */ int bNeedSanitize = 0; for(iSrc = 0 ; iSrc < lenMsg ; iSrc++) { - if(pszMsg[iSrc] < 32) { + if(iscntrl(pszMsg[iSrc])) { if(pszMsg[iSrc] == '\0' || bEscapeCCOnRcv) { bNeedSanitize = 1; break; @@ -205,8 +208,11 @@ sanitizeMessage(msg_t *pMsg) } } - if(!bNeedSanitize) + if(!bNeedSanitize) { + if(bUpdatedLen == TRUE) + MsgSetRawMsgSize(pMsg, lenMsg); FINALIZE; + } /* now copy over the message and sanitize it */ iMaxLine = glbl.GetMaxLine(); @@ -219,8 +225,10 @@ sanitizeMessage(msg_t *pMsg) CHKmalloc(pDst = malloc(sizeof(uchar) * (iMaxLine + 1))); iSrc = iDst = 0; while(iSrc < lenMsg && iDst < maxDest - 3) { /* leave some space if last char must be escaped */ - if(pszMsg[iSrc] == '\0') { /* guard against \0 characters... */ - } else if(iscntrl((int) pszMsg[iSrc])) { + if(iscntrl((int) pszMsg[iSrc])) { + /* note: \0 must always be escaped, the rest of the code currently + * can not handle it! -- rgerhards, 2009-08-26 + */ if(pszMsg[iSrc] == '\0' || bEscapeCCOnRcv) { /* we are configured to escape control characters. Please note * that this most probably break non-western character sets like -- cgit