[cvs] bogofilter/src globals.c,1.34,1.35 globals.h,1.30,1.31 lexer_v3.l,1.73,1.74 collect.c,1.14,1.15 bogolexer.c,1.39,1.40

[David Relson]

Matthias,

The question I'm addressing is:  What can we do to prevent bogofilter
aborting when the flex code detects a fatal error?

Obviously, we don't want flex to _ever_ encounter a fatal error, but
until our grammar is perfect and bogofilter can process _any_ input at
all (whether RFC compliant or not), we need some form of crash
protection.

It's a problem whenever bogofilter exits with an error code because
procmail (or whatever) will keep rerunning bogofilter which will keep
getting the error.

As it is now, bogofilter _is_ broken since bad input can cause a crash.

The current code is simple and incomplete.  Feel free to suggest
additions :-)

David
 
On Sat, 6 Sep 2003 14:10:26 +0200
Matthias Andree <matthias.andree at gmx.de> wrote:

> On Fri, 05 Sep 2003, relson at users.sourceforge.net wrote:
> 
> >   */
> >  void collect_words(wordhash_t *wh)
> >  {
> > -    wordprop_t *w;
> > +    if (setjmp(lexer_abort_jmp_buf) == 0)
> > +	return;

This was an error and has been corrected.

> 
> This basically throws away error conditions...
> 
> >      while (reader_more()) {
> >  	initialize();
> > +
> > +	if (setjmp(lexer_abort_jmp_buf) != 0)
> > +	    continue;
> > +
> 
> ...without any macroscopic error return. What I'd like bogofilter to
> do is: a. do not change any data bases unless the read + parse was
> entirely successful b. report the error back and continue to exit with
> an error exit code.

Remembering there was an error and not changing databases is fine, and
easy to add.  Reporting an error is fine.  Exiting with an error code is
problematical.

> 
> Am I missing something obvious about the code? Else we've just broken
> bogofilter.

Other than the corrected inequality, bogofilter is _less_ broken than
previously.