ruledb: match field: validate regular expressions on addition

Do not save rules if they die during an execution test, which is done
by using them once on an empty string.

Since users may have saved already invalid ones, only warn if we
encounter such a regex in 'parse_entity' during execution instead of
dying. Otherwise pmg-smtp-filter will exit and restart, possibly
leading to wrongly denying mails (and possibly sending out NDRs)
before spam checking was done.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Tested-by: Mira Limbeck <m.limbeck@proxmox.com>
Reviewed-by: Mira Limbeck <m.limbeck@proxmox.com>
 [ T: touch up commit subject/message ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/src/PMG/RuleDB/MatchField.pm b/src/PMG/RuleDB/MatchField.pm
index 2b5605827a6b53a9f294a5a7b206bd2a8fe0a991..177a2832e5aec50ba9de1917c5d81573bcf36524 100644 (file)
--- a/src/PMG/RuleDB/MatchField.pm
+++ b/src/PMG/RuleDB/MatchField.pm
@@ -69,7 +69,13 @@ sub save {
 
     defined($self->{ogroup}) || die "undefined ogroup: ERROR";
 
-    my $new_value = "$self->{field}:$self->{field_value}";
+    my $regex = $self->{field_value};
+
+    # test regex for validity
+    eval { "" =~ /$regex/i; };
+    die "invalid regex: $@\n" if $@;
+
+    my $new_value = "$self->{field}:$regex";
     $new_value =~ s/\\/\\\\/g;
     $new_value = encode('UTF-8', $new_value);
 
@@ -111,9 +117,12 @@ sub parse_entity {
            my $decvalue = PMG::Utils::decode_rfc1522($value);
            $decvalue = PMG::Utils::try_decode_utf8($decvalue);
 
-           if ($decvalue =~ m|$self->{field_value}|i) {
-               push @$res, $id;
-           }
+           eval {
+               if ($decvalue =~ m|$self->{field_value}|i) {
+                   push @$res, $id;
+               }
+           };
+           warn "invalid regex: $@\n" if $@;
        }
     }