239
239
while (defined ($line = shift @conf_lines)) {
240
local ($1); # bug 3838: prevent random taint flagging of $1
240
242
$line =~ s/(?<!\\)#.*$//; # remove comments
241
243
$line =~ s/^\s+//; # remove leading whitespace
242
244
$line =~ s/\s+$//; # remove tailing whitespace
535
537
while ( ($k,$v) = each %{$conf->{tests}} ) {
536
if ($conf->{lint_rules}) {
537
if (length($k) > 50 && $k !~ /^__/ && $k !~ /^T_/) {
538
warn "config: warning: rule name '$k' is over 50 chars\n";
543
538
if ( ! exists $conf->{scores}->{$k} ) {
544
539
# T_ rules (in a testing probationary period) get low, low scores
545
540
my $set_score = ($k =~/^T_/) ? 0.01 : 1.0;
602
597
unless (defined $value && $value !~ /^$/) {
603
598
return $Mail::SpamAssassin::Conf::MISSING_REQUIRED_VALUE;
605
unless ($value == 1 || $value == 0) {
600
unless ($value =~ /^[01]$/) {
606
601
return $Mail::SpamAssassin::Conf::INVALID_VALUE;
767
764
###########################################################################
766
sub lint_trusted_networks {
768
my $conf = $self->{conf};
770
my $nt = $conf->{trusted_networks};
771
my $ni = $conf->{internal_networks};
773
# validate trusted_networks and internal_networks, bug 4760.
774
# check that all internal_networks are listed in trusted_networks
777
if ($ni->get_num_nets() > 0 && $nt->get_num_nets() > 0) {
781
foreach my $net (@{$ni->{nets}}) {
782
# don't check to see if an excluded network is included - that's senseless
783
if (!$net->{exclude} && !$nt->contains_net($net)) {
784
my $msg = "trusted_networks doesn't contain internal_networks entry '".
785
($net->{as_string})."'\n";
787
if ($conf->{lint_rules}) {
791
$replace_nets = 1; # and omit it from the new internal set
794
push @valid_ni, $net;
799
# something was invalid. replace the old nets list with a fixed version
800
# (which may be empty)
801
$ni->{nets} = \@valid_ni;
806
###########################################################################
770
809
my ($self, $name, $text, $type) = @_;
771
810
my $conf = $self->{conf};
773
812
# Don't allow invalid names ...
774
if ($name !~ /^\w+$/) {
775
warn "config: error: rule '$name' has invalid characters (not Alphanumeric + Underscore)\n";
813
if ($name !~ /^\D\w*$/) {
814
warn "config: error: rule '$name' has invalid characters ".
815
"(not Alphanumeric + Underscore + starting with a non-digit)\n";
820
# Also set a hard limit for ALL rules (rule names longer than 242
821
# characters throw warnings). Check this separately from the above
822
# pattern to avoid vague error messages.
823
if (length $name > 200) {
824
warn "config: error: rule '$name' is way too long ".
825
"(recommended maximum length is 22 characters)\n";
830
# Warn about, but use, long rule names during --lint
831
if ($conf->{lint_rules}) {
832
if (length($name) > 50 && $name !~ /^__/ && $name !~ /^T_/) {
833
warn "config: warning: rule name '$name' is over 50 chars ".
834
"(recommended maximum length is 22 characters)\n";
780
839
# all of these rule types are regexps
907
966
# security of the regexp. simply using ("" =~ $re) will NOT do that, and
908
967
# will therefore open a hole!
909
968
if (eval { ("" =~ m#${re}#); 1; }) {
911
# now double-check -- try with the user-supplied delimiters as well
912
my $evalstr = '("" =~ '.$safere.'); 1;';