1. clamav-devel
  2. Commit 31b05bcb416dc5ad86ef4bafe7413c8a902c8860
Browse code

Handle = and space as header separaters

git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@880 77e5149b-7576-45b1-b177-96237e5ba77b

Nigel Horne authored on 2004/09/16 22:01:30
Showing 3 changed files
ChangeLog
History View file @ 31b05bc
... ... 
@@ -1,3 +1,8 @@
1 
+Thu Sep 16 14:00:05 BST 2004 (njh)
2 
+----------------------------------
3 
+  * libclamav/mbox.c:	Handle broken email headers that use equals signs or
4 
+				space to separate key from data insead of colon
5 
+
1 6 
 Thu Sep 16 12:20:59 BST 2004 (njh)
2 7 
 ----------------------------------
3 8 
   * libvclamav/mbox.c:	Improved handling of line breaks in the middle of
libclamav/mbox.c
History View file @ 31b05bc
... ... 
@@ -17,6 +17,9 @@
17 17 
  *
18 18 
  * Change History:
19 19 
  * $Log: mbox.c,v $
20 
+ * Revision 1.125  2004/09/16 12:59:36  nigelhorne
21 
+ * Handle = and space as header separaters
22 
+ *
20 23 
  * Revision 1.124  2004/09/16 11:20:33  nigelhorne
21 24 
  * Better handling of folded headers in multipart messages
22 25 
  *
... ... 
@@ -360,7 +363,7 @@
360 360 
  * Compilable under SCO; removed duplicate code with message.c
361 361 
  *
362 362 
  */
363 
-static	char	const	rcsid[] = "$Id: mbox.c,v 1.124 2004/09/16 11:20:33 nigelhorne Exp $";
363 
+static	char	const	rcsid[] = "$Id: mbox.c,v 1.125 2004/09/16 12:59:36 nigelhorne Exp $";
364 364
365 365 
 #if HAVE_CONFIG_H
366 366 
 #include "clamav-config.h"
... ... 
@@ -859,23 +862,37 @@ parseEmailHeaders(const message *m, const table_t *rfc821)
859 859 
 static int
860 860 
 parseEmailHeader(message *m, const char *line, const table_t *rfc821)
861 861 
 {
862 
-	char *cmd;
862 
+	char *cmd, *ptr;
863 863 
 	int ret = -1;
864 864 
 #ifdef CL_THREAD_SAFE
865 865 
 	char *strptr;
866 866 
 #endif
867 
-	char copy[LINE_LENGTH+1];
867 
+	const char *separater;
868 
+	char copy[LINE_LENGTH+1], tokenseparater[2];
868 869
869 870 
 	cli_dbgmsg("parseEmailHeader '%s'\n", line);
870 871
871 
-	if(strchr(line, ':') == NULL)
872 
+	/*
873 
+	 * In RFC822 the separater between the key a value is a colon,
874 
+	 * e.g.	Content-Transfer-Encoding: base64
875 
+	 * However some MUA's are lapse about this and virus writers exploit
876 
+	 * this hole, so we need to check all known possiblities
877 
+	 */
878 
+	for(separater = ":= "; *separater; separater++)
879 
+		if(strchr(line, *separater) != NULL)
880 
+			break;
881 
+
882 
+	if(*separater == '\0')
872 883 
 		return -1;
873 884
874 885 
 	assert(strlen(line) <= LINE_LENGTH);	/* RFC 821 */
875 886
876 887 
 	strcpy(copy, line);
877 888
878 
-	cmd = strtok_r(copy, ":", &strptr);
889 
+	tokenseparater[0] = *separater;
890 
+	tokenseparater[1] = '\0';
891 
+
892 
+	cmd = strtok_r(copy, tokenseparater, &strptr);
879 893
880 894 
 	if(cmd && (strstrip(cmd) > 0)) {
881 895 
 		char *arg = strtok_r(NULL, "", &strptr);
libclamav/message.c
History View file @ 31b05bc
... ... 
@@ -17,6 +17,9 @@
17 17 
  *
18 18 
  * Change History:
19 19 
  * $Log: message.c,v $
20 
+ * Revision 1.81  2004/09/16 12:59:36  nigelhorne
21 
+ * Handle = and space as header separaters
22 
+ *
20 23 
  * Revision 1.80  2004/09/16 11:35:08  nigelhorne
21 24 
  * Minor code tidy
22 25 
  *
... ... 
@@ -237,7 +240,7 @@
237 237 
  * uuencodebegin() no longer static
238 238 
  *
239 239 
  */
240 
-static	char	const	rcsid[] = "$Id: message.c,v 1.80 2004/09/16 11:35:08 nigelhorne Exp $";
240 
+static	char	const	rcsid[] = "$Id: message.c,v 1.81 2004/09/16 12:59:36 nigelhorne Exp $";
241 241
242 242 
 #if HAVE_CONFIG_H
243 243 
 #include "clamav-config.h"
... ... 
@@ -378,8 +381,6 @@ messageReset(message *m)
378 378 
 	if(m->encodingTypes) {
379 379 
 		assert(m->numberOfEncTypes > 0);
380 380 
 		free(m->encodingTypes);
381 
-		m->encodingTypes = NULL;
382 
-		m->numberOfEncTypes = 0;
383 381 
 	}
384 382
385 383 
 	memset(m, '\0', sizeof(message));