There are some spam made by criminals that is dangerous and I made a regex some time ago to catch those.
Today I noticed that ASSP had crashed a few times in sequence.
This is the regex that can crash ASSP:
(boleto|cobran|comprovante|fatura|intimacao)(\s|.){0,30}\<a href\=\"http\:\/\/
The part of the regex that causes the crash is the "<" symbol (with or whitout the "\" escape symbol).
Please note that I am not defending that this regex is well written,
just that it crashes ASSP and that was unexpected.
The regex is part of the blackRe (file:files/blackre.txt)
And this is the part of the mail that can cause the crash (Note that this is a valid mail sent from a customer, not the spam I was targeting):
John por gentileza voc=EA poderia nos dar referencia comercial do =
cliente
CNPJ 171.745.631/001500.
=20
Cliente desde.
=20
Pagamento.
=20
Ultima compra.
=20
Maior fatura.
=20
=20
Att.
=20
ROcaRrdo Pel=E1.
=20
???
=20
EUBORRAXA Comercio de PECAS de Pl=E1sticos Ltda
Telefone: ( 011 ) 959803-91554
=20
http://www.euborraxa.com.br/ www.euborraxa.com.br
=20
robert@euborraxa.com.br
=20
=20
------=_NextPart_001_023F_01D07E7A.7D5819A0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v="3D"urn:schemas-microsoft-com:vml"" =="" xmlns:o="3D"urn:schemas-microsoft-com:office:office"" =="" xmlns:w="3D"urn:schemas-microsoft-com:office:word"" =="" xmlns:m="3D"http://schemas.microsoft.com/office/2004/12/omml"" =="" xmlns="3D"http://www.w3.org/TR/REC-html40"">
<head>
<meta http-equiv="3DContent-Type" content="3D"text/html;" =="" charset="3Diso-8859-1"">
<meta name="3DGenerator" content="3D"Microsoft" Word="" 12="" (filtered="" medium)"="">
<style>
</style>
</head>
<body lang="3DPT-BR" link="3Dblue" vlink="3Dpurple">
Bom dia!<o:p></o:p>
<o:p> </o:p>
John por gentileza voc=EA poderia nos dar = referencia comercial do cliente 171.745.631/001500.<o:p></o:p>
<o:p> </o:p>
Cliente desde.<o:p></o:p>
<o:p> </o:p>
Pagamento.<o:p></o:p>
<o:p> </o:p>
Ultima compra.<o:p></o:p>
<o:p> </o:p>
Maior fatura.<o:p></o:p>
<o:p> </o:p>
<o:p> </o:p>
Att.<o:p></o:p>
<o:p> </o:p>
Ricardo Pel=E1.<o:p></o:p>
<o:p> </o:p>
<o:p></o:p>
what is the Perl error message for the crash?
You may try to escape the '<' with the hex value '\x3C'
nothing to fix