git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@880 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/09/16 22:01:30... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Thu Sep 16 14:00:05 BST 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/mbox.c: Handle broken email headers that use equals signs or |
|
4 |
+ space to separate key from data insead of colon |
|
5 |
+ |
|
1 | 6 |
Thu Sep 16 12:20:59 BST 2004 (njh) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libvclamav/mbox.c: Improved handling of line breaks in the middle of |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: mbox.c,v $ |
20 |
+ * Revision 1.125 2004/09/16 12:59:36 nigelhorne |
|
21 |
+ * Handle = and space as header separaters |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.124 2004/09/16 11:20:33 nigelhorne |
21 | 24 |
* Better handling of folded headers in multipart messages |
22 | 25 |
* |
... | ... |
@@ -360,7 +363,7 @@ |
360 | 360 |
* Compilable under SCO; removed duplicate code with message.c |
361 | 361 |
* |
362 | 362 |
*/ |
363 |
-static char const rcsid[] = "$Id: mbox.c,v 1.124 2004/09/16 11:20:33 nigelhorne Exp $"; |
|
363 |
+static char const rcsid[] = "$Id: mbox.c,v 1.125 2004/09/16 12:59:36 nigelhorne Exp $"; |
|
364 | 364 |
|
365 | 365 |
#if HAVE_CONFIG_H |
366 | 366 |
#include "clamav-config.h" |
... | ... |
@@ -859,23 +862,37 @@ parseEmailHeaders(const message *m, const table_t *rfc821) |
859 | 859 |
static int |
860 | 860 |
parseEmailHeader(message *m, const char *line, const table_t *rfc821) |
861 | 861 |
{ |
862 |
- char *cmd; |
|
862 |
+ char *cmd, *ptr; |
|
863 | 863 |
int ret = -1; |
864 | 864 |
#ifdef CL_THREAD_SAFE |
865 | 865 |
char *strptr; |
866 | 866 |
#endif |
867 |
- char copy[LINE_LENGTH+1]; |
|
867 |
+ const char *separater; |
|
868 |
+ char copy[LINE_LENGTH+1], tokenseparater[2]; |
|
868 | 869 |
|
869 | 870 |
cli_dbgmsg("parseEmailHeader '%s'\n", line); |
870 | 871 |
|
871 |
- if(strchr(line, ':') == NULL) |
|
872 |
+ /* |
|
873 |
+ * In RFC822 the separater between the key a value is a colon, |
|
874 |
+ * e.g. Content-Transfer-Encoding: base64 |
|
875 |
+ * However some MUA's are lapse about this and virus writers exploit |
|
876 |
+ * this hole, so we need to check all known possiblities |
|
877 |
+ */ |
|
878 |
+ for(separater = ":= "; *separater; separater++) |
|
879 |
+ if(strchr(line, *separater) != NULL) |
|
880 |
+ break; |
|
881 |
+ |
|
882 |
+ if(*separater == '\0') |
|
872 | 883 |
return -1; |
873 | 884 |
|
874 | 885 |
assert(strlen(line) <= LINE_LENGTH); /* RFC 821 */ |
875 | 886 |
|
876 | 887 |
strcpy(copy, line); |
877 | 888 |
|
878 |
- cmd = strtok_r(copy, ":", &strptr); |
|
889 |
+ tokenseparater[0] = *separater; |
|
890 |
+ tokenseparater[1] = '\0'; |
|
891 |
+ |
|
892 |
+ cmd = strtok_r(copy, tokenseparater, &strptr); |
|
879 | 893 |
|
880 | 894 |
if(cmd && (strstrip(cmd) > 0)) { |
881 | 895 |
char *arg = strtok_r(NULL, "", &strptr); |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: message.c,v $ |
20 |
+ * Revision 1.81 2004/09/16 12:59:36 nigelhorne |
|
21 |
+ * Handle = and space as header separaters |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.80 2004/09/16 11:35:08 nigelhorne |
21 | 24 |
* Minor code tidy |
22 | 25 |
* |
... | ... |
@@ -237,7 +240,7 @@ |
237 | 237 |
* uuencodebegin() no longer static |
238 | 238 |
* |
239 | 239 |
*/ |
240 |
-static char const rcsid[] = "$Id: message.c,v 1.80 2004/09/16 11:35:08 nigelhorne Exp $"; |
|
240 |
+static char const rcsid[] = "$Id: message.c,v 1.81 2004/09/16 12:59:36 nigelhorne Exp $"; |
|
241 | 241 |
|
242 | 242 |
#if HAVE_CONFIG_H |
243 | 243 |
#include "clamav-config.h" |
... | ... |
@@ -378,8 +381,6 @@ messageReset(message *m) |
378 | 378 |
if(m->encodingTypes) { |
379 | 379 |
assert(m->numberOfEncTypes > 0); |
380 | 380 |
free(m->encodingTypes); |
381 |
- m->encodingTypes = NULL; |
|
382 |
- m->numberOfEncTypes = 0; |
|
383 | 381 |
} |
384 | 382 |
|
385 | 383 |
memset(m, '\0', sizeof(message)); |