File CVE-2020-1931.diff of Package spamassassin.12434
Index: lib/Mail/SpamAssassin/Conf.pm
===================================================================
--- lib/Mail/SpamAssassin/Conf.pm (revision 1872750)
+++ lib/Mail/SpamAssassin/Conf.pm (working copy)
@@ -3496,6 +3496,20 @@
setting => 'priority',
is_priv => 1,
type => $CONF_TYPE_HASH_KEY_VALUE,
+ code => sub {
+ my ($self, $key, $value, $line) = @_;
+ my ($rulename, $priority) = split(/\s+/, $value, 2);
+ unless (defined $priority) {
+ return $MISSING_REQUIRED_VALUE;
+ }
+ unless ($rulename =~ IS_RULENAME) {
+ return $INVALID_VALUE;
+ }
+ unless ($priority =~ /^-?\d+$/) {
+ return $INVALID_VALUE;
+ }
+ $self->{priority}->{$rulename} = $priority;
+ }
});
=back
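Review bot: The new priority check `unless ($priority =~ /^-?\d+$/)` ends in `$`, which also matches just before a trailing newline, so a value such as "5\n" would pass and be stored in `$self->{priority}` unless the parser has already trimmed `$value` (not visible here); `unless ($priority =~ /^-?\d+\z/)` closes that. `IS_RULENAME` has the same anchoring in its Constants.pm definition, where `use constant IS_RULENAME => qr/\A${\(RULENAME_RE)}\z/;` would fix it once for every caller. This matters most for the Check.pm hunk and the second Parser.pm hunk, whose old patterns ended in `\z` and are therefore slightly loosened by this commit. The sub also ends on the assignment, so it returns the priority value implicitly; an explicit `return;` looks safer if the caller compares the result with sentinels like `$INVALID_VALUE`. The enclosing command-table entry starts outside the hunk.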
--- lib/Mail/SpamAssassin/Plugin/Check.pm.orig 2020-03-24 14:30:34.597938332 +0100
+++ lib/Mail/SpamAssassin/Plugin/Check.pm 2020-03-24 14:43:26.084199675 +0100
@@ -551,7 +551,7 @@
foreach my $token (@tokens) {
# ... rulename?
- if ($token =~ /^${RULENAME_RE}\z/) {
+ if ($token =~ IS_RULENAME) {
# the " || 0" formulation is to avoid "use of uninitialized value"
# warnings; this is better than adding a 0 to a hash for every
# rule referred to in a meta...
--- lib/Mail/SpamAssassin/Conf/Parser.pm.orig 2020-03-24 14:30:45.598084233 +0100
+++ lib/Mail/SpamAssassin/Conf/Parser.pm 2020-03-24 14:45:51.122129352 +0100
@@ -1190,7 +1190,7 @@
my $conf = $self->{conf};
# Don't allow invalid names ...
- if ($name !~ /^${RULENAME_RE}$/) {
+ if ($name !~ IS_RULENAME) {
$self->lint_warn("config: error: rule '$name' has invalid characters ".
"(not Alphanumeric + Underscore + starting with a non-digit)\n", $name);
return;
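Review bot: The lint message after `if ($name !~ IS_RULENAME)` only mentions invalid characters, but `RULENAME_RE` in Constants.pm also caps names at 128 characters (`{0,127}`), so an over-long name is reported misleadingly. Extending the text to something like `"(not Alphanumeric + Underscore + starting with a non-digit, or longer than 128 characters)\n"` would make the rejection reason clear to rule authors. The enclosing function starts and ends outside the hunk.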
@@ -1351,7 +1351,7 @@
# Go through each token in the meta rule
foreach my $token (@tokens) {
# If the token is a syntactically legal rule name, make it zero
- if ($token =~ /^${RULENAME_RE}\z/s) {
+ if ($token =~ IS_RULENAME) {
$meta .= "0 ";
}
# if it is a number or a string of 1 or 2 punctuation characters (i.e. operators) tack it onto the degenerate rule
--- lib/Mail/SpamAssassin/Constants.pm.orig 2020-03-24 14:30:54.586203447 +0100
+++ lib/Mail/SpamAssassin/Constants.pm 2020-03-24 14:47:05.279115983 +0100
@@ -44,6 +44,7 @@
MAX_BODY_LINE_LENGTH MAX_HEADER_KEY_LENGTH MAX_HEADER_VALUE_LENGTH
MAX_HEADER_LENGTH ARITH_EXPRESSION_LEXER AI_TIME_UNKNOWN
CHARSETS_LIKELY_TO_FP_AS_CAPS MAX_URI_LENGTH RULENAME_RE
+ IS_RULENAME
);
%EXPORT_TAGS = (
@@ -405,4 +406,7 @@
# Allowed rulename format
use constant RULENAME_RE => qr([_a-zA-Z][_a-zA-Z0-9]{0,127});
+# Exact match
+use constant IS_RULENAME => qr/^${\(RULENAME_RE)}$/;
+
1;