From a7a148dd2588d5549292a2e612807a208da29a02 Mon Sep 17 00:00:00 2001
From: Alexander Sagen <alexander@sagen.me>
Date: Fri, 26 Apr 2024 18:43:26 +0200
Subject: [PATCH] Spf1: Remove strict option, always ignore repeating
 whitespace, ignore missing domain-end as it is optional

---
 composer.json                                 |  2 +-
 src/encoding/spf1.php                         | 48 +++++++++----------
 src/encoding/spf1/macro_string.php            |  4 +-
 ...oding_spf1_macro_string_extract_expand.php |  2 +-
 4 files changed, 27 insertions(+), 29 deletions(-)

diff --git a/composer.json b/composer.json
index 54eca61..a447bba 100644
--- a/composer.json
+++ b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "alexrsagen/obie",
-    "version": "1.6.7",
+    "version": "1.6.8",
     "type": "framework",
     "description": "Obie is a simple PHP framework. It aims to provide basic services needed for any web app.",
     "keywords": ["framework", "php", "http", "template", "view", "router", "routing", "model", "models", "session", "sessions"],
diff --git a/src/encoding/spf1.php b/src/encoding/spf1.php
index 6d93bef..70918c6 100644
--- a/src/encoding/spf1.php
+++ b/src/encoding/spf1.php
@@ -54,7 +54,7 @@ protected static function storeDirective(string &$buf, ?Directive &$directive) {
 		return true;
 	}
 
-	public static function decode(string $input, bool $strict = true): ?Record {
+	public static function decode(string $input): ?Record {
 		$record = new Record();
 
 		// check version
@@ -126,29 +126,27 @@ public static function decode(string $input, bool $strict = true): ?Record {
 					Log::warning(sprintf('Spf1: invalid macro-string at position %d', $position));
 					return null;
 				}
-				if ($position >= strlen($input)) {
-					Log::warning(sprintf('Spf1: invalid domain-spec: ended before domain-end at position %d', $position));
-					return null;
-				}
-				if ($input[$position] === '.') {
-					// extract a toplabel from input, append to buffer
-					for (; $position < strlen($input) && preg_match('/^[a-z0-9\-]$/i', $input[$position]) === 1; $position++) {
-						$buf .= $input[$position];
-					}
-					if ($position < strlen($input) && $input[$position] === '.') {
-						$buf .= $input[$position];
-						$position++;
-					}
-				} elseif ($input[$position] === '%') {
-					// append to buffer the result of extracting a macro-expand from input, given position
-					$buf_key = $buf;
-					$buf = MacroString::extranctExpand($input, $position);
-					if ($buf === null) {
-						Log::warning(sprintf('Spf1: invalid macro-expand at position %d', $position));
-						return null;
+				if ($position < strlen($input)) {
+					if ($input[$position] === '.') {
+						// extract a toplabel from input, append to buffer
+						for (; $position < strlen($input) && preg_match('/^[a-z0-9\-]$/i', $input[$position]) === 1; $position++) {
+							$buf .= $input[$position];
+						}
+						if ($position < strlen($input) && $input[$position] === '.') {
+							$buf .= $input[$position];
+							$position++;
+						}
+					} elseif ($input[$position] === '%') {
+						// append to buffer the result of extracting a macro-expand from input, given position
+						$buf_key = $buf;
+						$buf = MacroString::extractExpand($input, $position);
+						if ($buf === null) {
+							Log::warning(sprintf('Spf1: invalid macro-expand at position %d', $position));
+							return null;
+						}
+						$buf = $buf_key . $buf;
+						unset($buf_key);
 					}
-					$buf = $buf_key . $buf;
-					unset($buf_key);
 				}
 				// store mechanism value in directive
 				if (!static::storeDirective($buf, $directive)) return null;
@@ -160,8 +158,8 @@ public static function decode(string $input, bool $strict = true): ?Record {
 
 			// term delimiter
 			case ' ':
-				// non-strict: ignore multiple whitespace
-				if (!$strict && strlen($buf) === 0 && $directive === null) {
+				// ignore multiple whitespace
+				if (strlen($buf) === 0 && $directive === null) {
 					break;
 				}
 				if (!static::storeDirective($buf, $directive)) return null;
diff --git a/src/encoding/spf1/macro_string.php b/src/encoding/spf1/macro_string.php
index ce3d32b..9755205 100644
--- a/src/encoding/spf1/macro_string.php
+++ b/src/encoding/spf1/macro_string.php
@@ -40,13 +40,13 @@ public static function extractString(string $input, int &$position): ?string {
 			// 3.3. If the code point at position within input is not "%", break.
 			if ($input[$position] !== '%') break;
 			// 3.4. Extract macro-expand
-			if (static::extranctExpand($input, $position) === null) return null;
+			if (static::extractExpand($input, $position) === null) return null;
 		}
 		// 4. Return the code points from positionStart to position, inclusive, within input.
 		return substr($input, $position_start, $position - $position_start);
 	}
 
-	public static function extranctExpand(string $input, int &$position): ?string {
+	public static function extractExpand(string $input, int &$position): ?string {
 		// 1. Let positionStart be position.
 		$position_start = $position;
 		// 2. Assert: the code point at position within input is "%"
diff --git a/tests-fuzz/encoding_spf1_macro_string_extract_expand.php b/tests-fuzz/encoding_spf1_macro_string_extract_expand.php
index 2d856cf..e0563df 100644
--- a/tests-fuzz/encoding_spf1_macro_string_extract_expand.php
+++ b/tests-fuzz/encoding_spf1_macro_string_extract_expand.php
@@ -6,7 +6,7 @@
 
 $config->setTarget(function (string $input) {
 	$pos = 0;
-    Obie\Encoding\Spf1\MacroString::extranctExpand($input, $pos);
+    Obie\Encoding\Spf1\MacroString::extractExpand($input, $pos);
 });
 
 $config->setMaxLen(512);