[cvs] SF.net SVN: bogofilter:[6950] branches/avoid-rfc2047-pushback/bogofilter/ src/tests/inputs/ev
Fast Bayesian spam filter along lines suggested by Paul Graham
Brought to you by:
m-a
From: <m-...@us...> - 2011-05-08 02:13:38
|
Revision: 6950 http://bogofilter.svn.sourceforge.net/bogofilter/?rev=6950&view=rev Author: m-a Date: 2011-05-08 02:13:31 +0000 (Sun, 08 May 2011) Log Message: ----------- Add a sample of lexer pushback overflow in the RFC2047-related code Modified Paths: -------------- branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/README.txt Added Paths: ----------- branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/lexer-overflows/spam Modified: branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/README.txt =================================================================== --- branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/README.txt 2011-05-08 02:08:45 UTC (rev 6949) +++ branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/README.txt 2011-05-08 02:13:31 UTC (rev 6950) @@ -12,6 +12,14 @@ http://userpage.fu-berlin.de/~plenz/bogofilter/lexer-overflows.tar.gz Proposed action: -- identify the culprit in the lexer ensemble +- identify the culprit in the lexer ensemble - probably HTML stuff - fix it - integrate these into the self-test suite + + +Another incident reported by Seth David Schoen on 2011-05-07 to the +mailing list, who showed a sample, dubbed lexer-overflow/spam, that +breaks the RFC2047 part. It gets trapped when the flex part of the +lexer tries to decode the MIME headers. I know this recursion was evil, +but I hadn't expected we'd jam the lexer with pushbacks here. Anyways, +the solution is to avoid any kind of nontrivial pushback in the lexer. Added: branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/lexer-overflows/spam =================================================================== --- branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/lexer-overflows/spam (rev 0) +++ branches/avoid-rfc2047-pushback/bogofilter/src/tests/inputs/evidence_vault/lexer-overflows/spam 2011-05-08 02:13:31 UTC (rev 6950) @@ -0,0 +1,106 @@ +Return-Path: <bul...@pr...> +X-Original-To: coo...@ef... +Delivered-To: coo...@ef... +Received: from [183.81.106.194] (unknown [183.81.106.194]) + by mail1.eff.org (Postfix) with ESMTP id C3F25BDD02; + Fri, 6 May 2011 06:02:57 -0700 (PDT) +Subject: =?koi8-r?B?Q8zV1sJhIHDB02PZzM9r?= @@ Diff output truncated at 100000 characters. @@ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |