1. clamav-devel
  2. Commit 2bcec72b92c7b3c52576386a46417296325da30d
Browse code

Handle attempts to hide mime type

git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@887 77e5149b-7576-45b1-b177-96237e5ba77b

Nigel Horne authored on 2004/09/17 18:50:32
Showing 4 changed files
ChangeLog
History View file @ 2bcec72
... ... 
@@ -1,3 +1,7 @@
1 
+Fri Sep 17 10:49:30 BST 2004 (njh)
2 
+----------------------------------
3 
+  * libclamav:	Handle attempts to falsify the mime type
4 
+
1 5 
 Fri Sep 17 10:10:13 BST 2004 (njh)
2 6 
 ----------------------------------
3 7 
   * libclamav/mbox.c:	Improved handling of RFC822 comments in headers
libclamav/mbox.c
History View file @ 2bcec72
... ... 
@@ -17,6 +17,9 @@
17 17 
  *
18 18 
  * Change History:
19 19 
  * $Log: mbox.c,v $
20 
+ * Revision 1.129  2004/09/17 09:48:53  nigelhorne
21 
+ * Handle attempts to hide mime type
22 
+ *
20 23 
  * Revision 1.128  2004/09/17 09:09:44  nigelhorne
21 24 
  * Better handling of RFC822 comments
22 25 
  *
... ... 
@@ -372,7 +375,7 @@
372 372 
  * Compilable under SCO; removed duplicate code with message.c
373 373 
  *
374 374 
  */
375 
-static	char	const	rcsid[] = "$Id: mbox.c,v 1.128 2004/09/17 09:09:44 nigelhorne Exp $";
375 
+static	char	const	rcsid[] = "$Id: mbox.c,v 1.129 2004/09/17 09:48:53 nigelhorne Exp $";
376 376
377 377 
 #if HAVE_CONFIG_H
378 378 
 #include "clamav-config.h"
... ... 
@@ -2145,7 +2148,7 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c
2145 2145 
 					if(copy[0] == '\"')
2146 2146 
 						copy++;
2147 2147 
 					if(copy[0] != '/') {
2148 
-						messageSetMimeType(m, strtok_r(copy, "/", &strptr));
2148 
+						int set = messageSetMimeType(m, strtok_r(copy, "/", &strptr));
2149 2149
2150 2150 
 						/*
2151 2151 
 						 * Stephen White <stephen@earth.li>
... ... 
@@ -2154,7 +2157,7 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c
2154 2154 
 						 * the ;
2155 2155 
 						 */
2156 2156 
 						s = strtok_r(NULL, ";", &strptr);
2157 
-						if(s) {
2157 
+						if(s && set) {
2158 2158 
 							len = strstrip(s) - 1;
2159 2159 
 							if(s[len] == '\"') {
2160 2160 
 								s[len] = '\0';
libclamav/message.c
History View file @ 2bcec72
... ... 
@@ -17,6 +17,9 @@
17 17 
  *
18 18 
  * Change History:
19 19 
  * $Log: message.c,v $
20 
+ * Revision 1.84  2004/09/17 09:48:53  nigelhorne
21 
+ * Handle attempts to hide mime type
22 
+ *
20 23 
  * Revision 1.83  2004/09/16 15:56:45  nigelhorne
21 24 
  * Handle double colons
22 25 
  *
... ... 
@@ -246,7 +249,7 @@
246 246 
  * uuencodebegin() no longer static
247 247 
  *
248 248 
  */
249 
-static	char	const	rcsid[] = "$Id: message.c,v 1.83 2004/09/16 15:56:45 nigelhorne Exp $";
249 
+static	char	const	rcsid[] = "$Id: message.c,v 1.84 2004/09/17 09:48:53 nigelhorne Exp $";
250 250
251 251 
 #if HAVE_CONFIG_H
252 252 
 #include "clamav-config.h"
... ... 
@@ -395,8 +398,11 @@ messageReset(message *m)
395 395
396 396 
 /*
397 397 
  * Handle the Content-Type header
398 
+ * Return success (1) or failure (0). Failure only happens when it's an
399 
+ * unknown type and we've already received a known type, or we've received an
400 
+ * empty type. If we receive an unknown type by itself we default to application
398 401 
  */
399 
-void
402 
+int
400 403 
 messageSetMimeType(message *mess, const char *type)
401 404 
 {
402 405 
 #ifdef	CL_THREAD_SAFE
... ... 
@@ -408,14 +414,12 @@ messageSetMimeType(message *mess, const char *type)
408 408 
 	assert(mess != NULL);
409 409 
 	assert(type != NULL);
410 410
411 
-	mess->mimeType = NOMIME;
412 
-
413 411 
 	cli_dbgmsg("messageSetMimeType: '%s'\n", type);
414 412
415 413 
 	/* Ignore leading spaces */
416 414 
 	while(!isalpha(*type))
417 415 
 		if(*type++ == '\0')
418 
-			return;
416 
+			return 0;
419 417
420 418 
 #ifdef	CL_THREAD_SAFE
421 419 
 	pthread_mutex_lock(&mime_mutex);
... ... 
@@ -428,7 +432,7 @@ messageSetMimeType(message *mess, const char *type)
428 428 
 #ifdef	CL_THREAD_SAFE
429 429 
 			pthread_mutex_unlock(&mime_mutex);
430 430 
 #endif
431 
-			return;
431 
+			return 0;
432 432 
 		}
433 433
434 434 
 		for(m = mime_map; m->string; m++)
... ... 
@@ -438,7 +442,7 @@ messageSetMimeType(message *mess, const char *type)
438 438 
 #ifdef	CL_THREAD_SAFE
439 439 
 				pthread_mutex_unlock(&mime_mutex);
440 440 
 #endif
441 
-				return;
441 
+				return 0;
442 442 
 			}
443 443 
 	}
444 444 
 #ifdef	CL_THREAD_SAFE
... ... 
@@ -447,9 +451,10 @@ messageSetMimeType(message *mess, const char *type)
447 447
448 448 
 	typeval = tableFind(mime_table, type);
449 449
450 
-	mess->mimeType = (mime_type)((typeval == -1) ? (int)NOMIME : typeval);
451 
-
452 
-	if(mess->mimeType == NOMIME) {
450 
+	if(typeval != -1) {
451 
+		mess->mimeType = typeval;
452 
+		return 1;
453 
+	} else if(mess->mimeType == NOMIME) {
453 454 
 		if(strncasecmp(type, "x-", 2) == 0)
454 455 
 			mess->mimeType = MEXTENSION;
455 456 
 		else {
... ... 
@@ -461,7 +466,9 @@ messageSetMimeType(message *mess, const char *type)
461 461 
 			cli_warnmsg("Unknown MIME type: `%s' - set to Application\n", type);
462 462 
 			mess->mimeType = APPLICATION;
463 463 
 		}
464 
+		return 1;
464 465 
 	}
466 
+	return 0;
465 467 
 }
466 468
467 469 
 mime_type
libclamav/message.h
History View file @ 2bcec72
... ... 
@@ -16,6 +16,9 @@
16 16 
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17 17 
  *
18 18 
  * $Log: message.h,v $
19 
+ * Revision 1.18  2004/09/17 09:48:53  nigelhorne
20 
+ * Handle attempts to hide mime type
21 
+ *
19 22 
  * Revision 1.17  2004/09/15 18:08:23  nigelhorne
20 23 
  * Handle multiple encoding types
21 24 
  *
... ... 
@@ -88,7 +91,7 @@ typedef struct message {
88 88 
 message	*messageCreate(void);
89 89 
 void	messageDestroy(message *m);
90 90 
 void	messageReset(message *m);
91 
-void	messageSetMimeType(message *m, const char *type);
91 
+int	messageSetMimeType(message *m, const char *type);
92 92 
 mime_type	messageGetMimeType(const message *m);
93 93 
 void	messageSetMimeSubtype(message *m, const char *subtype);
94 94 
 const	char	*messageGetMimeSubtype(const message *m);