From bb5f95a00ed49042248861e80a4a5672204d2494 Mon Sep 17 00:00:00 2001
From: rswindell <>
Date: Thu, 5 Nov 2009 17:05:13 +0000
Subject: [PATCH] Fix bug whereby tags (e.g. "Fw:" and "SPAM:") were not being
 stripped from subjects before hashing. Some paranoia stuff (calling
 clearerr() just incase rewind() doesn't clear the stream's EOF flag).

---
 src/smblib/smbhash.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/smblib/smbhash.c b/src/smblib/smbhash.c
index 483a72133a..015ff8ae28 100644
--- a/src/smblib/smbhash.c
+++ b/src/smblib/smbhash.c
@@ -63,6 +63,7 @@ int SMBCALL smb_findhash(smb_t* smb, hash_t** compare, hash_t* found_hash,
 	if(count && source_mask!=SMB_HASH_SOURCE_NONE) {
 
 		rewind(smb->hash_fp);
+		clearerr(smb->hash_fp);
 		while(!feof(smb->hash_fp)) {
 			if(smb_fread(smb,&hash,sizeof(hash),smb->hash_fp)!=sizeof(hash))
 				break;
@@ -85,13 +86,13 @@ int SMBCALL smb_findhash(smb_t* smb, hash_t** compare, hash_t* found_hash,
 					continue;	/* wrong pre-process flags */
 				if((compare[c]->flags&hash.flags&SMB_HASH_MASK)==0)	
 					continue;	/* no matching hashes */
-				if(compare[c]->flags&hash.flags&SMB_HASH_CRC16 
+				if((compare[c]->flags&hash.flags&SMB_HASH_CRC16)
 					&& compare[c]->crc16!=hash.crc16)
 					continue;	/* wrong crc-16 */
-				if(compare[c]->flags&hash.flags&SMB_HASH_CRC32
+				if((compare[c]->flags&hash.flags&SMB_HASH_CRC32)
 					&& compare[c]->crc32!=hash.crc32)
 					continue;	/* wrong crc-32 */
-				if(compare[c]->flags&hash.flags&SMB_HASH_MD5 
+				if((compare[c]->flags&hash.flags&SMB_HASH_MD5)
 					&& memcmp(compare[c]->md5,hash.md5,sizeof(hash.md5)))
 					continue;	/* wrong MD5 */
 				
@@ -278,7 +279,7 @@ hash_t** SMBCALL smb_msghashes(smbmsg_t* msg, const uchar* body, long source_mas
 			}
 			break;
 		}
-		if((hash=smb_hashstr(msg->hdr.number, t, SMB_HASH_SOURCE_SUBJECT,flags, msg->subj))!=NULL)
+		if((hash=smb_hashstr(msg->hdr.number, t, SMB_HASH_SOURCE_SUBJECT, flags, p))!=NULL)
 			hashes[h++]=hash;
 	}
 
-- 
GitLab