git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@887 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/09/17 18:50:32... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Fri Sep 17 10:49:30 BST 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav: Handle attempts to falsify the mime type |
|
4 |
+ |
|
1 | 5 |
Fri Sep 17 10:10:13 BST 2004 (njh) |
2 | 6 |
---------------------------------- |
3 | 7 |
* libclamav/mbox.c: Improved handling of RFC822 comments in headers |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: mbox.c,v $ |
20 |
+ * Revision 1.129 2004/09/17 09:48:53 nigelhorne |
|
21 |
+ * Handle attempts to hide mime type |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.128 2004/09/17 09:09:44 nigelhorne |
21 | 24 |
* Better handling of RFC822 comments |
22 | 25 |
* |
... | ... |
@@ -372,7 +375,7 @@ |
372 | 372 |
* Compilable under SCO; removed duplicate code with message.c |
373 | 373 |
* |
374 | 374 |
*/ |
375 |
-static char const rcsid[] = "$Id: mbox.c,v 1.128 2004/09/17 09:09:44 nigelhorne Exp $"; |
|
375 |
+static char const rcsid[] = "$Id: mbox.c,v 1.129 2004/09/17 09:48:53 nigelhorne Exp $"; |
|
376 | 376 |
|
377 | 377 |
#if HAVE_CONFIG_H |
378 | 378 |
#include "clamav-config.h" |
... | ... |
@@ -2145,7 +2148,7 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
2145 | 2145 |
if(copy[0] == '\"') |
2146 | 2146 |
copy++; |
2147 | 2147 |
if(copy[0] != '/') { |
2148 |
- messageSetMimeType(m, strtok_r(copy, "/", &strptr)); |
|
2148 |
+ int set = messageSetMimeType(m, strtok_r(copy, "/", &strptr)); |
|
2149 | 2149 |
|
2150 | 2150 |
/* |
2151 | 2151 |
* Stephen White <stephen@earth.li> |
... | ... |
@@ -2154,7 +2157,7 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
2154 | 2154 |
* the ; |
2155 | 2155 |
*/ |
2156 | 2156 |
s = strtok_r(NULL, ";", &strptr); |
2157 |
- if(s) { |
|
2157 |
+ if(s && set) { |
|
2158 | 2158 |
len = strstrip(s) - 1; |
2159 | 2159 |
if(s[len] == '\"') { |
2160 | 2160 |
s[len] = '\0'; |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: message.c,v $ |
20 |
+ * Revision 1.84 2004/09/17 09:48:53 nigelhorne |
|
21 |
+ * Handle attempts to hide mime type |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.83 2004/09/16 15:56:45 nigelhorne |
21 | 24 |
* Handle double colons |
22 | 25 |
* |
... | ... |
@@ -246,7 +249,7 @@ |
246 | 246 |
* uuencodebegin() no longer static |
247 | 247 |
* |
248 | 248 |
*/ |
249 |
-static char const rcsid[] = "$Id: message.c,v 1.83 2004/09/16 15:56:45 nigelhorne Exp $"; |
|
249 |
+static char const rcsid[] = "$Id: message.c,v 1.84 2004/09/17 09:48:53 nigelhorne Exp $"; |
|
250 | 250 |
|
251 | 251 |
#if HAVE_CONFIG_H |
252 | 252 |
#include "clamav-config.h" |
... | ... |
@@ -395,8 +398,11 @@ messageReset(message *m) |
395 | 395 |
|
396 | 396 |
/* |
397 | 397 |
* Handle the Content-Type header |
398 |
+ * Return success (1) or failure (0). Failure only happens when it's an |
|
399 |
+ * unknown type and we've already received a known type, or we've received an |
|
400 |
+ * empty type. If we receive an unknown type by itself we default to application |
|
398 | 401 |
*/ |
399 |
-void |
|
402 |
+int |
|
400 | 403 |
messageSetMimeType(message *mess, const char *type) |
401 | 404 |
{ |
402 | 405 |
#ifdef CL_THREAD_SAFE |
... | ... |
@@ -408,14 +414,12 @@ messageSetMimeType(message *mess, const char *type) |
408 | 408 |
assert(mess != NULL); |
409 | 409 |
assert(type != NULL); |
410 | 410 |
|
411 |
- mess->mimeType = NOMIME; |
|
412 |
- |
|
413 | 411 |
cli_dbgmsg("messageSetMimeType: '%s'\n", type); |
414 | 412 |
|
415 | 413 |
/* Ignore leading spaces */ |
416 | 414 |
while(!isalpha(*type)) |
417 | 415 |
if(*type++ == '\0') |
418 |
- return; |
|
416 |
+ return 0; |
|
419 | 417 |
|
420 | 418 |
#ifdef CL_THREAD_SAFE |
421 | 419 |
pthread_mutex_lock(&mime_mutex); |
... | ... |
@@ -428,7 +432,7 @@ messageSetMimeType(message *mess, const char *type) |
428 | 428 |
#ifdef CL_THREAD_SAFE |
429 | 429 |
pthread_mutex_unlock(&mime_mutex); |
430 | 430 |
#endif |
431 |
- return; |
|
431 |
+ return 0; |
|
432 | 432 |
} |
433 | 433 |
|
434 | 434 |
for(m = mime_map; m->string; m++) |
... | ... |
@@ -438,7 +442,7 @@ messageSetMimeType(message *mess, const char *type) |
438 | 438 |
#ifdef CL_THREAD_SAFE |
439 | 439 |
pthread_mutex_unlock(&mime_mutex); |
440 | 440 |
#endif |
441 |
- return; |
|
441 |
+ return 0; |
|
442 | 442 |
} |
443 | 443 |
} |
444 | 444 |
#ifdef CL_THREAD_SAFE |
... | ... |
@@ -447,9 +451,10 @@ messageSetMimeType(message *mess, const char *type) |
447 | 447 |
|
448 | 448 |
typeval = tableFind(mime_table, type); |
449 | 449 |
|
450 |
- mess->mimeType = (mime_type)((typeval == -1) ? (int)NOMIME : typeval); |
|
451 |
- |
|
452 |
- if(mess->mimeType == NOMIME) { |
|
450 |
+ if(typeval != -1) { |
|
451 |
+ mess->mimeType = typeval; |
|
452 |
+ return 1; |
|
453 |
+ } else if(mess->mimeType == NOMIME) { |
|
453 | 454 |
if(strncasecmp(type, "x-", 2) == 0) |
454 | 455 |
mess->mimeType = MEXTENSION; |
455 | 456 |
else { |
... | ... |
@@ -461,7 +466,9 @@ messageSetMimeType(message *mess, const char *type) |
461 | 461 |
cli_warnmsg("Unknown MIME type: `%s' - set to Application\n", type); |
462 | 462 |
mess->mimeType = APPLICATION; |
463 | 463 |
} |
464 |
+ return 1; |
|
464 | 465 |
} |
466 |
+ return 0; |
|
465 | 467 |
} |
466 | 468 |
|
467 | 469 |
mime_type |
... | ... |
@@ -16,6 +16,9 @@ |
16 | 16 |
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
17 | 17 |
* |
18 | 18 |
* $Log: message.h,v $ |
19 |
+ * Revision 1.18 2004/09/17 09:48:53 nigelhorne |
|
20 |
+ * Handle attempts to hide mime type |
|
21 |
+ * |
|
19 | 22 |
* Revision 1.17 2004/09/15 18:08:23 nigelhorne |
20 | 23 |
* Handle multiple encoding types |
21 | 24 |
* |
... | ... |
@@ -88,7 +91,7 @@ typedef struct message { |
88 | 88 |
message *messageCreate(void); |
89 | 89 |
void messageDestroy(message *m); |
90 | 90 |
void messageReset(message *m); |
91 |
-void messageSetMimeType(message *m, const char *type); |
|
91 |
+int messageSetMimeType(message *m, const char *type); |
|
92 | 92 |
mime_type messageGetMimeType(const message *m); |
93 | 93 |
void messageSetMimeSubtype(message *m, const char *subtype); |
94 | 94 |
const char *messageGetMimeSubtype(const message *m); |