torsdag 19 december 2019 kl. 11:41:21 CET skrev du: > I can confirm that patch works as expected. > > Patch does not apply cleanly on my SA (3.4.2-1~deb9u2) but only for > cosmetic differences, attached a patch that wok on SA 3.4.2-1~deb9u2. > > > Thanks!
I came up with the following RE loop to parse the options string. It should
allow a few more things that admins might potentially be using, like non-
integer values (for dontgreylistthreshold), while barfing on bad syntax.
while ($optionhash =~ /(?:\G(?<!^)|^\s*\()\s*(?>(?<quot1>['"])(?<opt>.*?)
\g{quot1})
\s*=>\s*
(?>(?<quot2>['"])(?<val>.*?)\g{quot2}
|
(?<val>-?(?:\d+(?:\.\d*)?|(?:\d*\.)?\d+))
)\s*(?:;?\s*\)\s*$|;(?!$))/gxc) {
$option{$+{opt}} = $+{val};
}
if ((pos($optionhash) // 0) < length $optionhash) {
die "Syntax error";
}
I just need to add the variable untainting.
--
Magnus Holmgren [email protected]
Debian Developer
signature.asc
Description: This is a digitally signed message part.
