Browse code
Added SCAN_TO_DISC define
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@469 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/04/05 18:37:13Showing 2 changed files
| ... | ... |
@@ -1,3 +1,11 @@ |
| 1 |
+Mon Apr 5 10:47:43 BST 2004 (njh) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav/mbox.c: Added SAVE_TO_DISC #define which, when activated, |
|
| 4 |
+ scans embedded RFC822 messages from disc rather than in memory. It |
|
| 5 |
+ is recommended that this option is always enabled unless ClamAV is |
|
| 6 |
+ to be installed on a system where many nested levels of RFC822 messages |
|
| 7 |
+ cannot occur |
|
| 8 |
+ |
|
| 1 | 9 |
Mon Apr 5 10:16:29 BST 2004 (trog) |
| 2 | 10 |
----------------------------------- |
| 3 | 11 |
* libclamav/vba_extract.c: minor code update |
| ... | ... |
@@ -17,6 +17,9 @@ |
| 17 | 17 |
* |
| 18 | 18 |
* Change History: |
| 19 | 19 |
* $Log: mbox.c,v $ |
| 20 |
+ * Revision 1.64 2004/04/05 09:32:20 nigelhorne |
|
| 21 |
+ * Added SCAN_TO_DISC define |
|
| 22 |
+ * |
|
| 20 | 23 |
* Revision 1.63 2004/04/01 15:32:34 nigelhorne |
| 21 | 24 |
* Graceful exit if messageAddLine fails in strdup |
| 22 | 25 |
* |
| ... | ... |
@@ -180,7 +183,7 @@ |
| 180 | 180 |
* Compilable under SCO; removed duplicate code with message.c |
| 181 | 181 |
* |
| 182 | 182 |
*/ |
| 183 |
-static char const rcsid[] = "$Id: mbox.c,v 1.63 2004/04/01 15:32:34 nigelhorne Exp $"; |
|
| 183 |
+static char const rcsid[] = "$Id: mbox.c,v 1.64 2004/04/05 09:32:20 nigelhorne Exp $"; |
|
| 184 | 184 |
|
| 185 | 185 |
#if HAVE_CONFIG_H |
| 186 | 186 |
#include "clamav-config.h" |
| ... | ... |
@@ -321,6 +324,8 @@ static const struct tableinit {
|
| 321 | 321 |
#define O_BINARY 0 |
| 322 | 322 |
#endif |
| 323 | 323 |
|
| 324 |
+#define SAVE_TO_DISC /* multipart/message are saved in a temporary file */ |
|
| 325 |
+ |
|
| 324 | 326 |
/* |
| 325 | 327 |
* TODO: when signal handling is added, need to remove temp files when a |
| 326 | 328 |
* signal is received |
| ... | ... |
@@ -388,7 +393,6 @@ cl_mbox(const char *dir, int desc) |
| 388 | 388 |
*/ |
| 389 | 389 |
body = parseEmailHeaders(m, rfc821Table); |
| 390 | 390 |
messageDestroy(m); |
| 391 |
- messageClean(body); |
|
| 392 | 391 |
if(messageGetBody(body)) |
| 393 | 392 |
if(!parseEmailBody(body, NULL, 0, NULL, dir, rfc821Table, subtypeTable)) {
|
| 394 | 393 |
messageReset(body); |
| ... | ... |
@@ -416,6 +420,12 @@ cl_mbox(const char *dir, int desc) |
| 416 | 416 |
/* |
| 417 | 417 |
* No need to preprocess such as cli_chomp() since |
| 418 | 418 |
* that'll be done by parseEmailHeaders() |
| 419 |
+ * |
|
| 420 |
+ * TODO: this needlessly creates a message object, |
|
| 421 |
+ * it'd be better if parseEmailHeaders could also |
|
| 422 |
+ * read in from a file. I do not want to lump the |
|
| 423 |
+ * parseEmailHeaders code here, that'd be a duplication |
|
| 424 |
+ * of code I want to avoid |
|
| 419 | 425 |
*/ |
| 420 | 426 |
if(messageAddLine(m, buffer, 1) < 0) |
| 421 | 427 |
break; |
| ... | ... |
@@ -430,7 +440,6 @@ cl_mbox(const char *dir, int desc) |
| 430 | 430 |
/* |
| 431 | 431 |
* Write out the last entry in the mailbox |
| 432 | 432 |
*/ |
| 433 |
- messageClean(body); |
|
| 434 | 433 |
if(messageGetBody(body)) |
| 435 | 434 |
if(!parseEmailBody(body, NULL, 0, NULL, dir, rfc821Table, subtypeTable)) |
| 436 | 435 |
retcode = -1; |
| ... | ... |
@@ -458,7 +467,7 @@ cl_mbox(const char *dir, int desc) |
| 458 | 458 |
static message * |
| 459 | 459 |
parseEmailHeaders(const message *m, const table_t *rfc821Table) |
| 460 | 460 |
{
|
| 461 |
- bool inContinuationHeader = FALSE; |
|
| 461 |
+ bool inContinuationHeader = FALSE; /* state machine: ugh */ |
|
| 462 | 462 |
bool inHeader = TRUE; |
| 463 | 463 |
const text *t; |
| 464 | 464 |
message *ret; |
| ... | ... |
@@ -517,6 +526,8 @@ parseEmailHeaders(const message *m, const table_t *rfc821Table) |
| 517 | 517 |
} |
| 518 | 518 |
} |
| 519 | 519 |
|
| 520 |
+ messageClean(ret); |
|
| 521 |
+ |
|
| 520 | 522 |
cli_dbgmsg("parseEmailHeaders: return\n");
|
| 521 | 523 |
|
| 522 | 524 |
return ret; |
| ... | ... |
@@ -1023,6 +1034,22 @@ parseEmailBody(message *messageIn, blob **blobsIn, int nBlobs, text *textIn, con |
| 1023 | 1023 |
messages[i] = NULL; |
| 1024 | 1024 |
continue; |
| 1025 | 1025 |
} |
| 1026 |
+#ifdef SAVE_TO_DISC |
|
| 1027 |
+ /* |
|
| 1028 |
+ * Save this embedded message |
|
| 1029 |
+ * to a temporary file |
|
| 1030 |
+ */ |
|
| 1031 |
+ saveTextPart(aMessage, dir); |
|
| 1032 |
+ assert(aMessage == messages[i]); |
|
| 1033 |
+ messageDestroy(messages[i]); |
|
| 1034 |
+ messages[i] = NULL; |
|
| 1035 |
+#else |
|
| 1036 |
+ /* |
|
| 1037 |
+ * Scan in memory, faster but |
|
| 1038 |
+ * is open to DoS attacks when |
|
| 1039 |
+ * many nested levels are |
|
| 1040 |
+ * involved. |
|
| 1041 |
+ */ |
|
| 1026 | 1042 |
body = parseEmailHeaders(aMessage, rfc821Table); |
| 1027 | 1043 |
/* |
| 1028 | 1044 |
* We've fininished with the |
| ... | ... |
@@ -1039,7 +1066,7 @@ parseEmailBody(message *messageIn, blob **blobsIn, int nBlobs, text *textIn, con |
| 1039 | 1039 |
rc = parseEmailBody(body, blobs, nBlobs, NULL, dir, rfc821Table, subtypeTable); |
| 1040 | 1040 |
messageDestroy(body); |
| 1041 | 1041 |
} |
| 1042 |
- |
|
| 1042 |
+#endif |
|
| 1043 | 1043 |
continue; |
| 1044 | 1044 |
case MULTIPART: |
| 1045 | 1045 |
/* |
| ... | ... |
@@ -1244,8 +1271,10 @@ parseEmailBody(message *messageIn, blob **blobsIn, int nBlobs, text *textIn, con |
| 1244 | 1244 |
if(m) {
|
| 1245 | 1245 |
cli_dbgmsg("Decode rfc822");
|
| 1246 | 1246 |
|
| 1247 |
- messageClean(m); |
|
| 1248 |
- |
|
| 1247 |
+ if(mainMessage && (mainMessage != messageIn)) {
|
|
| 1248 |
+ messageDestroy(mainMessage); |
|
| 1249 |
+ mainMessage = NULL; |
|
| 1250 |
+ } |
|
| 1249 | 1251 |
if(messageGetBody(m)) |
| 1250 | 1252 |
rc = parseEmailBody(m, NULL, 0, NULL, dir, rfc821Table, subtypeTable); |
| 1251 | 1253 |
|