added matchregex bugfix

indimail-mta-x/doc/ChangeLog

@@ -106,6 +106,10 @@ o Updated test-indimail-mta with additional tests (SPF, SRS, CHECKSENDER,
 - 25/10/2023
 65. autoresponder.c, indimail-spamfilter.c: rewind descriptor 0 regardless of
     MAKE_SEEKABLE setting
+- 29/10/2023
+66. filterit_sub.c, qmail-queue.c, smtpd.c, qregex.c, bug - error in regexp
+    treated as match
+67. test-indimail-mta: added test case to test invalid regex expression
 
 * Fri Sep 08 2023 11:58:03 +0000 Manvendra Bhangui <indimail-mta@indimail.org> 3.0.4-1.1%{?dist}
 Release 3.0.4-1.1 Start 24/04/2023 End 08/09/2023

indimail-mta-x/filterit_sub.c

@@ -1,5 +1,5 @@
 /*
- * $Id: filterit_sub.c,v 1.4 2023-10-01 02:11:00+05:30 Cprogrammer Exp mbhangui $
+ * $Id: filterit_sub.c,v 1.5 2023-10-29 17:12:48+05:30 Cprogrammer Exp mbhangui $
  */
 #include <ctype.h>
 #include <unistd.h>
@@ -615,7 +615,8 @@ filterit_sub1(int argc, char **argv)
 		break;
 	case 5: /*- RegExp */
 		for (ptr = matched_header.s + tmp.len; isspace(*ptr); ptr++, tmp.len++);
-		match = matchregex(matched_header.s + tmp.len, keyword, 0);
+		if ((match = matchregex(matched_header.s + tmp.len, keyword, 0)) == -1)
+			break;
 		if (negate)
 			match = !match;
 		if (match)
@@ -652,6 +653,9 @@ getversion_filterit_c()
 
 /*
  * $Log: filterit_sub.c,v $
+ * Revision 1.5  2023-10-29 17:12:48+05:30  Cprogrammer
+ * bug - error in regexp treated as match
+ *
  * Revision 1.4  2023-10-01 02:11:00+05:30  Cprogrammer
  * removed setting of QQEH for X-FilterIT header
  *

indimail-mta-x/qmail-queue.9

@@ -10,7 +10,7 @@ qmail-queue \- queue a mail message for delivery
 .SH DESCRIPTION
 \fBqmail-queue\fR reads a mail message from descriptor 0. It then reads
 envelope information from descriptor 1. It places the message into the
-outgoing queue for future delivery by \fBqmail-send\fR.  The default
+outgoing queue for future delivery by \fBqmail-send\fR. The default
 outgoing queue is @qmaildir@/queue. This can be changed by setting
 environment variable QUEUEDIR to point to a path having a valid
 queue created by the program \fBqueue-fix\fR(8). \fBqmail-queue\fR
@@ -22,21 +22,21 @@ by the following environment variables.
 .TP 5
 \fBQUEUE_BASE\fR The base directory having all the indimail queues. If this
 is not defined, the control file \fIqueue_base\fR is used. This is
-typically QMAILHOME/queue.
+typically @qmaildir@/queue.
 
 .TP 5
 \fBQUEUE_START\fR This is a number which defines the first queue that
 should be used.
 
-e.g. QUEUE_START=1 implies the first queue to be QMAILHOME/queue/queue1
+e.g. QUEUE_START=1 implies the first queue to be @qmaildir@/queue/queue1
 
 .TP 5
 \fBQUEUE_COUNT\fR This defines the number of queues that should be used for
 load balancing. \fBqmail-queue\fR used a random number to select a queue in
 a multi-queue setup.
 
-e.g. QUEUE_START=1, QUEUE_COUNT=5 implies 5 queues QMAILHOME/queue/queue1,
-QMAILHOME/queue/queue2, ..., QMAILHOME/queue/queue5
+e.g. QUEUE_START=1, QUEUE_COUNT=5 implies 5 queues @qmaildir@/queue/queue1,
+@qmaildir@/queue/queue2, ..., @qmaildir@/queue/queue5
 
 .TP 5
 .B MIN_FREE
@@ -111,7 +111,7 @@ If the environment variable \fBORIGINIPFIELD\fR is set, a
 "X-Originating-IP" header will be added to every relayed mail.
 
 If the environment variable \fBFASTQUEUE\fR is set, qmail-queue will bypass
-QHPSI, ORIGINIPFIELD, extraqueue, removehaders, envheaders, logheaders,
+QHPSI, ORIGINIPFIELD, extraqueue, removeheaders, envheaders, logheaders,
 mailarchive control files
 
 .SH CONTROL FILES
@@ -205,12 +205,12 @@ the form
   type:regexp:dest_mailbox
 .EE
 
-where \fItype\fR is \fBF\fR  or \fBT\fR. If \fItype\fR is \fBF\fR, rule
+where \fItype\fR is \fBF\fR or \fBT\fR. If \fItype\fR is \fBF\fR, rule
 is appled on the sender. If \fItype\fR is \fBT\fR, the rule is applied on
 the recipient. \fItype\fR can be omitted to match all recipients (but not
 senders). \fIregexp\fR is an expression to match the address (sender or
-recipient as specfied by \fItype\fR) and \fIdest_mailbox\fR is a valid
-email address. \fIregexp\fR can be omitted to match any address. Remember
+recipient as specfied by \fItype\fR). \fIdest_mailbox\fR is a valid email
+address. \fIregexp\fR can be omitted to match any address. Remember
 that \fIregexp\fR is a real regular expression and not filename glob
 pattern as used by functions like \fBfnmatch\fR(3). Typically
 \fB.*@yourdomain\fR (and not \fB*@yourdomain\fR) is what you intend when
@@ -226,7 +226,7 @@ replaced as below
 .EE
 
 As stated above, the address used for matching \fIregexp\fR is the sender
-in case type is \fBF\fR. For bounces, you can use \fB<>\fR to match a null
+when type is \fBF\fR. For bounces, you can use \fB<>\fR to match a null
 sender. e.g.
 
 .EX
@@ -238,8 +238,8 @@ When a rule matches a sender or any one of the recipients, the
 recipient list. When a rule matches multiple recipients, only one email
 address will be added to recipient list to avoid duplicates.
 
-The below will make a copy all mails for domain \fIyourdomain\fR to
-\fIarchyourdomain\fR (for all senders - practically each and every mail).
+The below will make a copy all mails for domain \fIdomain\fR to
+arch\fIdomain\fR (for all recipients - practically each and every mail).
 
 .EX
   ::%u@arch%d
@@ -260,6 +260,8 @@ result of \fIregexp\fR match.
   F:!.*@yourdomain:incoming@yourdomain
 .EE
 
+NOTE: Invalid \fIregexp\fR are silently discarded.
+
 .TP
 \fBoriginipfield\fR
 If this control file is set or if the environment variable
@@ -302,15 +304,15 @@ necessity to call additional programs (like reformime or ripmime) except
 for the virus scanner itself.
 
 The QHPSI extension for qmail-queue allows to call an arbitary virus scanner
-directly, scanning the incoming data-stream on STDIN or it allows plugins to
-be loaded from the @prefix@/lib/indimail/plugins directory. This directory
-can be changed by defining \fBPLUGINDIR\fR environment variable. QHPSI can
-be advised to pass multiple arguments to the virus scanner for customization.
-To run external scanner or load scanner plugins, \fBqmail-queue\fR calls
-\fBqhpsi\fR, a program setuid to \fIqscand\fR. By default, \fBqhpsi\fR looks
-for the symbol \fIvirusscan\fR to invoke the scanner. The symbol can be
-changed by setting the environment variable \fBQUEUE_PLUGIN_SYMB\fR to the
-desired symbol.
+directly to scan the message file in \fImess\fR subdirectory or it allows
+plugins to be loaded from the @prefix@/lib/indimail/plugins directory. This
+directory can be changed by defining \fBPLUGINDIR\fR environment variable.
+QHPSI can be advised to pass multiple arguments to the virus scanner for
+customization. To run external scanner or load scanner plugins,
+\fBqmail-queue\fR calls \fBqhpsi\fR, a program setuid to \fIqscand\fR. By
+default, \fBqhpsi\fR looks for the symbol \fIvirusscan\fR to invoke the
+scanner. The symbol can be changed by setting the environment variable
+\fBQUEUE_PLUGIN_SYMB\fR to the desired symbol.
 
 In order to use the QHPSI, the virus scanner has to have the following
 qualifications:
@@ -342,7 +344,7 @@ can be set either to the full path of a scanner or to a list of plugins.
 .IP \n[step] 2
 is set to full path of the virus scanner, i.e. QHPSI=@prefix@/bin/clamdscan.
 If full path is not specified, \fBqmail-queue\fR will use execvp(2) to run
-the scanner. Else it uses execv(2).  Setting QHPSI environment variable
+the scanner. Else it uses execv(2). Setting QHPSI environment variable
 turns on the QHPSI interface. The Qmail High Performance Scanner interface
 QHPSI also allows \fBqmail-queue\fR to read command line arguments taken
 from the \fBQHPSI\fR environment to be used as a call-interface for an
@@ -399,8 +401,8 @@ to a value > 2 will bounce infected mails to sender
 \fBVIRUSFORWARD\fR
 Infected mails will be quarantined to the email defined by VIRUSFORWARD.
 This will work only if \fBREJECTVIRUS\fR is not equal to 1. Setting
-VIRUSFORWARD sets the \fBX-Quarantine-ID\fR containing the list of original
-recipient list is added.
+VIRUSFORWARD sets the \fBX-Quarantine-ID\fR containing the list of all
+recipients.
 
 .TP
 \fBQHPSIMINSIZE\fR
@@ -416,6 +418,59 @@ When QHPSI is enabled \fBqmail-queue\fR adds the header X-QHPSI, the value
 of which is either 'infected' or 'clean' (depending on whether the mail as
 identifed as infected or not).
 
+.SH PROGRAMS USING \fBQMAILQUEUE\fR
+
+All of the below programs use the setting of \fBQMAILQUEUE\fR environment
+variables to execute \fBqmail-queue\fR. They all can either take
+\fBQMAILQUEUE\fR set to the path of a single \fBqmail-queue\fR frontend or
+as command line chain of \fBqmail-queue\fR frontend programs. If you
+specify \fBqmail-queue\fR as one of the programs in \fBQMAILQUEUE\fR, the
+chain will stop at \fBqmail-queue\fR. Any programs listed after
+\fBqmail-queue\fR will not get executed. So it is important not to have
+\fBqmail-queue\fR in the list.
+
+\fBcondredirect\fR(1),
+\fBdot-forward\fR(1),
+\fBfastforward\fR(1),
+\fBfilterto\fR(1),
+\fBforward\fR(1),
+\fBmaildirserial\fR(1),
+\fBmini-smtpd\fR(8),
+\fBnew-inject\fR(1),
+\fBofmipd\fR(8),
+\fBqmail-inject\fR(8),
+\fBsendmail\fR(8),
+\fBqmail-local\fR(8),
+\fBqmail-qmqpd\fR(8),
+\fBqmail-qmtpd\fR(8),
+\fBqmail-send\fR(8),
+\fBqmta-send\fR(8),
+\fBqnotify\fR(1),
+\fBqreceipt\fR(1),
+\fBreplier\fR(1),
+\fBrrforward\fR(1),
+\fBrrt\fR(1),
+\fBslowq-send\fR(8),
+\fBqmail-smtpd\fR(8),
+\fBsrsfilter\fR(1),
+\fBqmail-spamfilter\fR(8),
+\fBqmail-multi\fR(8),
+\fBqmail-nullqueue\fR(8),
+\fBqmail-qfilter\fR(1),
+\fBqmail-dkim\fR(8),
+\fBqscanq-stdin\fR(8)
+
+The below programs also act as a \fBqmail-queue\fR frontend. They can be
+set in \fBQMAILQUEUE\fR environment variable and will ultimately execute
+\fBqmail-queue\fR in the end as a default.
+
+\fBqmail-spamfilter\fR(8),
+\fBqmail-multi\fR(8),
+\fBqmail-nullqueue\fR(8),
+\fBqmail-qfilter\fR(1),
+\fBqmail-dkim\fR(8),
+\fBqscanq-stdin\fR(8)
+
 .SH "EXIT CODES"
 \fBqmail-queue\fR does not print diagnostics. It exits 0 if it has
 successfully queued the message. It exits between 1 and 99 if it has failed
@@ -539,11 +594,11 @@ Comments:
 
 Sample with McAfee's uvscan:
 
- :allow,QHPSI='/usr/bin/uvscan --secure',QHPSIMAXSIZE='9000000',QHPSIRC='13'
+ :allow,QHPSI='@prefix@/bin/uvscan --secure',QHPSIMAXSIZE='9000000',QHPSIRC='13'
 
 Comments:
 
- - The path of 'uvscan' is '/usr/local/bin' and can be ommitted.
+ - The path of 'uvscan' is '@prefix@/bin' and can be ommitted.
  - 'uvscan' returns with RC=13 in case a virus is found,
    therefore, QHPSIRC has to provide this value.
  - The virus scanning is omitted, if the size of the message

indimail-mta-x/qmail-queue.c

@@ -1,5 +1,5 @@
 /*
- * $Id: qmail-queue.c,v 1.88 2023-10-24 20:07:31+05:30 Cprogrammer Exp mbhangui $
+ * $Id: qmail-queue.c,v 1.89 2023-10-29 17:13:32+05:30 Cprogrammer Exp mbhangui $
  */
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -584,10 +584,10 @@ set_archive(char *eaddr)
 			addr_ptr = 0;
 		else {
 			if (negate) {
-				if (!matchregex(addr, addr_ptr, &errStr))
+				if (matchregex(addr, addr_ptr, &errStr) == 0)
 					addr_ptr = 0;
 			} else {
-				if (matchregex(addr, addr_ptr, &errStr))
+				if (matchregex(addr, addr_ptr, &errStr) == 1)
 					addr_ptr = 0;
 			}
 		}
@@ -636,7 +636,7 @@ set_archive(char *eaddr)
 				}
 				ptr += (str_len(ptr) + 1);
 			}
-			if (!found && !stralloc_cat(&arch_email, &tmpe))
+			if (!found && !stralloc_cat(&arch_email, &tmpe)) /*- append if not duplicate */
 				return (1);
 		} else
 			*(dest - 1) = ':';
@@ -1076,7 +1076,7 @@ main()
 		for (len = 0; len < ADDR; ++len) {
 			if (substdio_get(&ssin, &ch, 1) < 1)
 				die(QQ_READ_ERR, 1, "trouble reading envelope");
-			if (flagquarantine) {
+			if (flagquarantine) { /*- append all recipients to quarantine */
 				if (ch && !stralloc_append(&qqehextra, &ch))
 					die(QQ_OUT_OF_MEMORY, 1, "out of memory");
 			} else
@@ -1188,14 +1188,17 @@ main()
 void
 getversion_qmail_queue_c()
 {
-	static char    *x = "$Id: qmail-queue.c,v 1.88 2023-10-24 20:07:31+05:30 Cprogrammer Exp mbhangui $";
+	static char    *x = "$Id: qmail-queue.c,v 1.89 2023-10-29 17:13:32+05:30 Cprogrammer Exp mbhangui $";
 
 	x = sccsidmakeargsh;
 	x++;
 }
 #endif
 /*
  * $Log: qmail-queue.c,v $
+ * Revision 1.89  2023-10-29 17:13:32+05:30  Cprogrammer
+ * bug - error in regexp treated as match
+ *
  * Revision 1.88  2023-10-24 20:07:31+05:30  Cprogrammer
  * added feature to negate regexp match
  *

indimail-mta-x/qregex.c

@@ -1,11 +1,11 @@
 /*
- * $Id: qregex.c,v 1.34 2023-10-24 20:08:02+05:30 Cprogrammer Exp mbhangui $
+ * $Id: qregex.c,v 1.35 2023-10-29 17:13:39+05:30 Cprogrammer Exp mbhangui $
  *
  * qregex (v2)
  * Author  : Evan Borgstrom (evan at unixpimps dot org)
  * Created : 2001/12/14 23:08:16
- * Modified: $Date: 2023-10-24 20:08:02+05:30 $
- * Revision: $Revision: 1.34 $
+ * Modified: $Date: 2023-10-29 17:13:39+05:30 $
+ * Revision: $Revision: 1.35 $
  *
  * Do POSIX regex matching on addresses for anti-relay / spam control.
  * It logs to the maillog
@@ -223,11 +223,12 @@ regex_match(stralloc *addr, stralloc *map, char **errStr)
 				return (AM_MEMORY_ERR);
 			if (!stralloc_0(&curregex))
 				return (AM_MEMORY_ERR);
-			if ((k = matchregex(addr->s, curregex.s, errStr)) == 1) {
-				if (negate)
-					return (0);
+			if ((k = matchregex(addr->s, curregex.s, errStr)) == -1)
+				return AM_REGEX_ERR;
+			if (negate)
+				k = !k;
+			if (k)
 				match = 1;
-			}
 			j = i + 1;
 			negate = 0;
 		}
@@ -238,14 +239,17 @@ regex_match(stralloc *addr, stralloc *map, char **errStr)
 void
 getversion_qregex_c()
 {
-	static char    *x = "$Id: qregex.c,v 1.34 2023-10-24 20:08:02+05:30 Cprogrammer Exp mbhangui $";
+	static char    *x = "$Id: qregex.c,v 1.35 2023-10-29 17:13:39+05:30 Cprogrammer Exp mbhangui $";
 
 	x = sccsidwildmath;
 	x++;
 }
 
 /*
  * $Log: qregex.c,v $
+ * Revision 1.35  2023-10-29 17:13:39+05:30  Cprogrammer
+ * bug - error in regexp treated as match
+ *
  * Revision 1.34  2023-10-24 20:08:02+05:30  Cprogrammer
  * use matchregex.h from /usr/include/qmail
  *