* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003-???? */
-/* License: GPL */
+/*
+ * Copyright (c) The Exim Maintainers 2016 - 2024
+ * Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003-2015
+ * License: GPL
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
/* Code for matching regular expressions against headers and body.
Called from acl.c. */
/* Structure to hold a list of Regular expressions */
typedef struct pcre_list {
- pcre *re;
- uschar *pcre_text;
- struct pcre_list *next;
+ const pcre2_code * re;
+ uschar * pcre_text;
+ struct pcre_list * next;
} pcre_list;
-uschar regex_match_string_buffer[1024];
-
extern FILE *mime_stream;
extern uschar *mime_current_boundary;
-int regex(uschar **listptr) {
- int sep = 0;
- uschar *list = *listptr;
- uschar *regex_string;
- uschar regex_string_buffer[1024];
- unsigned long mbox_size;
- FILE *mbox_file;
- pcre *re;
- pcre_list *re_list_head = NULL;
- pcre_list *re_list_item;
- const char *pcre_error;
- int pcre_erroffset;
- uschar *linebuffer;
- long f_pos = 0;
-
- /* reset expansion variable */
- regex_match_string = NULL;
-
- if (mime_stream == NULL) {
- /* We are in the DATA ACL */
- mbox_file = spool_mbox(&mbox_size, NULL);
- if (mbox_file == NULL) {
- /* error while spooling */
- log_write(0, LOG_MAIN|LOG_PANIC,
- "regex acl condition: error while creating mbox spool file");
- return DEFER;
- };
- }
- else {
- f_pos = ftell(mime_stream);
- mbox_file = mime_stream;
- };
- /* precompile our regexes */
- while ((regex_string = string_nextinlist(&list, &sep,
- regex_string_buffer,
- sizeof(regex_string_buffer))) != NULL) {
-
- /* parse option */
- if ( (strcmpic(regex_string,US"false") == 0) ||
- (Ustrcmp(regex_string,"0") == 0) ) {
- /* explicitly no matching */
- continue;
- };
+static pcre_list *
+compile(const uschar * list, BOOL cacheable, int * cntp)
+{
+int sep = 0, cnt = 0;
+uschar * regex_string;
+pcre_list * re_list_head = NULL, * ri;
+/* precompile our regexes */
+while ((regex_string = string_nextinlist(&list, &sep, NULL, 0)))
+ if (strcmpic(regex_string, US"false") != 0 && Ustrcmp(regex_string, "0") != 0)
+ {
/* compile our regular expression */
- re = pcre_compile( CS regex_string,
- 0,
- &pcre_error,
- &pcre_erroffset,
- NULL );
-
- if (re == NULL) {
- log_write(0, LOG_MAIN,
- "regex acl condition warning - error in regex '%s': %s at offset %d, skipped.", regex_string, pcre_error, pcre_erroffset);
+ uschar * errstr;
+ const pcre2_code * re = regex_compile(regex_string,
+ cacheable ? MCS_CACHEABLE : MCS_NOFLAGS, &errstr, pcre_gen_cmp_ctx);
+
+ if (!re)
+ {
+ log_write(0, LOG_MAIN, "regex acl condition warning - %s, skipped", errstr);
continue;
+ }
+
+ ri = store_get(sizeof(pcre_list), GET_UNTAINTED);
+ ri->re = re;
+ ri->pcre_text = regex_string;
+ ri->next = re_list_head;
+ re_list_head = ri;
+ cnt++;
}
- else {
- re_list_item = store_get(sizeof(pcre_list));
- re_list_item->re = re;
- re_list_item->pcre_text = string_copy(regex_string);
- re_list_item->next = re_list_head;
- re_list_head = re_list_item;
- };
- };
-
- /* no regexes -> nothing to do */
- if (re_list_head == NULL) {
- return FAIL;
- };
-
- /* match each line against all regexes */
- linebuffer = store_get(32767);
- while (fgets(CS linebuffer, 32767, mbox_file) != NULL) {
- if ( (mime_stream != NULL) && (mime_current_boundary != NULL) ) {
- /* check boundary */
- if (Ustrncmp(linebuffer,"--",2) == 0) {
- if (Ustrncmp((linebuffer+2),mime_current_boundary,Ustrlen(mime_current_boundary)) == 0)
- /* found boundary */
- break;
- };
- };
- re_list_item = re_list_head;
- do {
- /* try matcher on the line */
- if (pcre_exec(re_list_item->re, NULL, CS linebuffer,
- (int)Ustrlen(linebuffer), 0, 0, NULL, 0) >= 0) {
- Ustrncpy(regex_match_string_buffer, re_list_item->pcre_text, 1023);
- regex_match_string = regex_match_string_buffer;
- if (mime_stream == NULL)
- (void)fclose(mbox_file);
- else {
- clearerr(mime_stream);
- fseek(mime_stream,f_pos,SEEK_SET);
- };
- return OK;
- };
- re_list_item = re_list_item->next;
- } while (re_list_item != NULL);
- };
-
- if (mime_stream == NULL)
- (void)fclose(mbox_file);
- else {
- clearerr(mime_stream);
- fseek(mime_stream,f_pos,SEEK_SET);
- };
+if (cntp) *cntp = cnt;
+return re_list_head;
+}
+
+
+/* Check list of REs against buffer, returning OK for (first) match,
+else FAIL. On match return allocated result strings in regex_vars[].
+
+We use the perm-pool for that, so that our caller can release
+other allocations.
+*/
+static int
+matcher(pcre_list * re_list_head, uschar * linebuffer, int len)
+{
+pcre2_match_data * md = pcre2_match_data_create(REGEX_VARS + 1, pcre_gen_ctx);
+
+for (pcre_list * ri = re_list_head; ri; ri = ri->next)
+ {
+ int n;
+
+ /* try matcher on the line */
+ if ((n = pcre2_match(ri->re, (PCRE2_SPTR)linebuffer, len, 0, 0, md, pcre_gen_mtc_ctx)) > 0)
+ {
+ int save_pool = store_pool;
+ store_pool = POOL_PERM;
- /* no matches ... */
- return FAIL;
+ regex_match_string = string_copy(ri->pcre_text);
+
+ for (int nn = 1; nn < n; nn++)
+ {
+ PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md);
+ int off = nn * 2;
+ int len = ovec[off + 1] - ovec[off];
+ regex_vars[nn-1] = string_copyn(linebuffer + ovec[off], len);
+ }
+
+ store_pool = save_pool;
+ return OK;
+ }
+ }
+/* pcre2_match_data_free(md); gen ctx needs no free */
+return FAIL;
+}
+
+
+/* reset expansion variables */
+void
+regex_vars_clear(void)
+{
+regex_match_string = NULL;
+for (int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
}
-int mime_regex(uschar **listptr) {
- int sep = 0;
- uschar *list = *listptr;
- uschar *regex_string;
- uschar regex_string_buffer[1024];
- pcre *re;
- pcre_list *re_list_head = NULL;
- pcre_list *re_list_item;
- const char *pcre_error;
- int pcre_erroffset;
- FILE *f;
- uschar *mime_subject = NULL;
- int mime_subject_len = 0;
- /* reset expansion variable */
- regex_match_string = NULL;
+int
+regex(const uschar ** listptr, BOOL cacheable)
+{
+unsigned long mbox_size;
+FILE * mbox_file;
+pcre_list * re_list_head;
+long f_pos = 0;
+int ret = FAIL, cnt, lcount = REGEX_LOOPCOUNT_STORE_RESET;
+
+regex_vars_clear();
+
+if (!mime_stream) /* We are in the DATA ACL */
+ {
+ if (!(mbox_file = spool_mbox(&mbox_size, NULL, NULL)))
+ { /* error while spooling */
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "regex acl condition: error while creating mbox spool file");
+ return DEFER;
+ }
+ }
+else
+ {
+ if ((f_pos = ftell(mime_stream)) < 0)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "regex acl condition: mime_stream: %s", strerror(errno));
+ return DEFER;
+ }
+ mbox_file = mime_stream;
+ }
/* precompile our regexes */
- while ((regex_string = string_nextinlist(&list, &sep,
- regex_string_buffer,
- sizeof(regex_string_buffer))) != NULL) {
-
- /* parse option */
- if ( (strcmpic(regex_string,US"false") == 0) ||
- (Ustrcmp(regex_string,"0") == 0) ) {
- /* explicitly no matching */
- continue;
- };
+ if ((re_list_head = compile(*listptr, cacheable, &cnt)))
+ {
+ rmark reset_point = store_mark();
+
+ /* match each line against all regexes */
+ while (fgets(CS big_buffer, big_buffer_size, mbox_file))
+ {
+ if ( mime_stream && mime_current_boundary /* check boundary */
+ && Ustrncmp(big_buffer, "--", 2) == 0
+ && Ustrncmp((big_buffer+2), mime_current_boundary,
+ Ustrlen(mime_current_boundary)) == 0)
+ break; /* found boundary */
+
+ if ((ret = matcher(re_list_head, big_buffer, (int)Ustrlen(big_buffer))) == OK)
+ break;
+
+ if ((lcount -= cnt) <= 0)
+ {
+ store_reset(reset_point); reset_point = store_mark();
+ lcount = REGEX_LOOPCOUNT_STORE_RESET;
+ }
+ }
+
+ store_reset(reset_point);
+ }
- /* compile our regular expression */
- re = pcre_compile( CS regex_string,
- 0,
- &pcre_error,
- &pcre_erroffset,
- NULL );
-
- if (re == NULL) {
- log_write(0, LOG_MAIN,
- "regex acl condition warning - error in regex '%s': %s at offset %d, skipped.", regex_string, pcre_error, pcre_erroffset);
- continue;
+if (!mime_stream)
+ (void)fclose(mbox_file);
+else
+ {
+ clearerr(mime_stream);
+ if (fseek(mime_stream, f_pos, SEEK_SET) == -1)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "regex acl condition: mime_stream: %s", strerror(errno));
+ clearerr(mime_stream);
}
- else {
- re_list_item = store_get(sizeof(pcre_list));
- re_list_item->re = re;
- re_list_item->pcre_text = string_copy(regex_string);
- re_list_item->next = re_list_head;
- re_list_head = re_list_item;
- };
- };
-
- /* no regexes -> nothing to do */
- if (re_list_head == NULL) {
- return FAIL;
- };
-
- /* check if the file is already decoded */
- if (mime_decoded_filename == NULL) {
- uschar *empty = US"";
- /* no, decode it first */
- mime_decode(&empty);
- if (mime_decoded_filename == NULL) {
- /* decoding failed */
- log_write(0, LOG_MAIN,
- "mime_regex acl condition warning - could not decode MIME part to file.");
- return DEFER;
- };
- };
-
-
- /* open file */
- f = fopen(CS mime_decoded_filename, "rb");
- if (f == NULL) {
- /* open failed */
+ }
+
+return ret;
+}
+
+
+int
+mime_regex(const uschar **listptr, BOOL cacheable)
+{
+pcre_list * re_list_head = NULL;
+FILE * f;
+uschar * mime_subject = NULL;
+int mime_subject_len = 0;
+int ret = FAIL;
+rmark reset_point;
+
+regex_vars_clear();
+
+/* check if the file is already decoded */
+if (!mime_decoded_filename)
+ { /* no, decode it first */
+ const uschar *empty = US"";
+ mime_decode(&empty);
+ if (!mime_decoded_filename)
+ { /* decoding failed */
log_write(0, LOG_MAIN,
- "mime_regex acl condition warning - can't open '%s' for reading.", mime_decoded_filename);
+ "mime_regex acl condition warning - could not decode MIME part to file");
return DEFER;
- };
-
- /* get 32k memory */
- mime_subject = (uschar *)store_get(32767);
-
- /* read max 32k chars from file */
- mime_subject_len = fread(mime_subject, 1, 32766, f);
-
- re_list_item = re_list_head;
- do {
- /* try matcher on the mmapped file */
- debug_printf("Matching '%s'\n", re_list_item->pcre_text);
- if (pcre_exec(re_list_item->re, NULL, CS mime_subject,
- mime_subject_len, 0, 0, NULL, 0) >= 0) {
- Ustrncpy(regex_match_string_buffer, re_list_item->pcre_text, 1023);
- regex_match_string = regex_match_string_buffer;
- (void)fclose(f);
- return OK;
- };
- re_list_item = re_list_item->next;
- } while (re_list_item != NULL);
-
- (void)fclose(f);
-
- /* no matches ... */
- return FAIL;
+ }
+ }
+
+/* open file */
+if (!(f = fopen(CS mime_decoded_filename, "rb")))
+ {
+ log_write(0, LOG_MAIN,
+ "mime_regex acl condition warning - can't open '%s' for reading",
+ mime_decoded_filename);
+ return DEFER;
+ }
+
+reset_point = store_mark();
+ {
+ /* precompile our regexes */
+ if ((re_list_head = compile(*listptr, cacheable, NULL)))
+ {
+ /* get 32k memory, tainted */
+ mime_subject = store_get(32767, GET_TAINTED);
+
+ mime_subject_len = fread(mime_subject, 1, 32766, f);
+
+ ret = matcher(re_list_head, mime_subject, mime_subject_len);
+ }
+ }
+store_reset(reset_point);
+(void)fclose(f);
+return ret;
}
-#endif
+#endif /* WITH_CONTENT_SCAN */