commit 369b9ed: [Feature] Always validate Rspamd protocol output

[Vsevolod Stakhov]

Author: Vsevolod Stakhov
Date: 2019-11-15 19:18:55 +0000
URL: https://github.com/rspamd/rspamd/commit/369b9ed9892e0dbf929a2f86363752dce201538e (HEAD -> master)

[Feature] Always validate Rspamd protocol output

---
 src/libserver/protocol.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/libserver/protocol.c b/src/libserver/protocol.c
index e66101bb4..255ca50a5 100644
--- a/src/libserver/protocol.c
+++ b/src/libserver/protocol.c
@@ -2027,7 +2027,21 @@ rspamd_protocol_write_reply (struct rspamd_task *task, ev_tstamp timeout)
 		reply = rspamd_fstring_sized_new (256);
 		rspamd_ucl_emit_fstring (top, UCL_EMIT_JSON_COMPACT, &reply);
 		ucl_object_unref (top);
-		rspamd_http_message_set_body_from_fstring_steal (msg, reply);
+
+		/* We also need to validate utf8 */
+		if (rspamd_fast_utf8_validate (reply->str, reply->len) != 0) {
+			gsize valid_len;
+			gchar *validated;
+
+			/* We copy reply several times here but it should be a rare case */
+			validated = rspamd_str_make_utf_valid (reply->str, reply->len,
+					&valid_len, task->task_pool);
+			rspamd_http_message_set_body (msg, validated, valid_len);
+			rspamd_fstring_free (reply);
+		}
+		else {
+			rspamd_http_message_set_body_from_fstring_steal (msg, reply);
+		}
 	}
 	else {
 		msg->status = rspamd_fstring_new_init ("OK", 2);