Bug 7880 - Can't call method "name" on an undefined value at lib/Mail/SpamAssassin/Message/Node.pm line 533 (nullref exception)
Summary: Can't call method "name" on an undefined value at lib/Mail/SpamAssassin/Messa...
Status: RESOLVED FIXED
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Libraries (show other bugs)
Version: SVN Trunk (Latest Devel Version)
Hardware: PC Linux
: P2 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-01-19 18:58 UTC by John Hardin
Modified: 2021-01-19 19:02 UTC (History)
1 user (show)


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Hardin 2021-01-19 18:58:17 UTC 
r1864393 introduced a nullref weakness in a Node.pm debug message that triggers when a UTF-16 header (or, presumably, body part) is too short for detect_utf16() to be able to detect the endianness from the encoded data (or, presumably, when it cannot detect the endianness for some other reason).

This occurs even if the UTF-16 data includes a BOM.

3.4 does not have this nullref weakness as the debug message change was not backported.

Repro: Put this header in a test message:

  From:=?UTF-16?B?//492Enc?= DermaCorrect <@ewFXg.maclostech320.xyz;live.de;>

(note: malformed header is verbatim from actual spam)
Comment 1 John Hardin 2021-01-19 19:02:17 UTC 
1. Modify test data to include a "short UTF-16" header case observed in-the-wild that triggered this bug, verify test on unmodified Node.pm fails.
2. Modify Node.pm _normalize() to behave safely if detect_utf16() cannot determine the endianness of the data.
3. Modify detect_utf16() to skip the data scan if a BOM is present (for efficiency, as Perl's UTF-16 decoder will figure out the endianness from the BOM)
4. Verify test from 1 now passes
5. Verify example from bug 7252 still works properly

Modified: .../trunk/lib/Mail/SpamAssassin/Message/Node.pm
Modified: .../trunk/t/data/nice/unicode2
Committed revision 1885696.