git-svn: trunk@3043
Török Edvin authored on 2007/05/02 01:46:52... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Tue May 1 19:00:00 EEST 2007 (edwin) |
|
2 |
+---------------------------------- |
|
3 |
+ * apply next set of patches for enabling phishing code |
|
4 |
+ |
|
1 | 5 |
Tue May 1 17:20:53 CEST 2007 (tk) |
2 | 6 |
---------------------------------- |
3 | 7 |
* prepare for enabling phishing code in non-experimental builds - apply |
... | ... |
@@ -21,7 +21,6 @@ |
21 | 21 |
*/ |
22 | 22 |
#include "clamav-config.h" |
23 | 23 |
|
24 |
-#ifdef CL_EXPERIMENTAL |
|
25 | 24 |
|
26 | 25 |
#include <stdio.h> |
27 | 26 |
#include <stdlib.h> |
... | ... |
@@ -984,4 +983,3 @@ unsigned char* encoding_norm_readline(struct entity_conv* conv, FILE* stream_in, |
984 | 984 |
} |
985 | 985 |
} |
986 | 986 |
|
987 |
-#endif |
... | ... |
@@ -49,10 +49,12 @@ |
49 | 49 |
#include "others.h" |
50 | 50 |
#include "htmlnorm.h" |
51 | 51 |
|
52 |
-#ifdef CL_EXPERIMENTAL |
|
53 |
-#include "mbox.h" |
|
52 |
+typedef enum { |
|
53 |
+ INVALIDCLASS, BLOBCLASS |
|
54 |
+} object_type; |
|
55 |
+#include "blob.h" |
|
56 |
+ |
|
54 | 57 |
#include "entconv.h" |
55 |
-#endif |
|
56 | 58 |
|
57 | 59 |
#define HTML_STR_LENGTH 1024 |
58 | 60 |
#define MAX_TAG_CONTENTS_LENGTH HTML_STR_LENGTH |
... | ... |
@@ -62,9 +64,7 @@ typedef enum { |
62 | 62 |
HTML_NORM, |
63 | 63 |
HTML_COMMENT, |
64 | 64 |
HTML_CHAR_REF, |
65 |
-#ifdef CL_EXPERIMENTAL |
|
66 | 65 |
HTML_ENTITY_REF_DECODE, |
67 |
-#endif |
|
68 | 66 |
HTML_SKIP_WS, |
69 | 67 |
HTML_TRIM_WS, |
70 | 68 |
HTML_TAG, |
... | ... |
@@ -313,7 +313,6 @@ static void html_tag_arg_add(tag_arguments_t *tags, |
313 | 313 |
if (!tags->value) { |
314 | 314 |
goto abort; |
315 | 315 |
} |
316 |
-#ifdef CL_EXPERIMENTAL |
|
317 | 316 |
if(tags->scanContents) { |
318 | 317 |
tags->contents= (blob **) cli_realloc(tags->contents, |
319 | 318 |
tags->count*sizeof(*tags->contents)); |
... | ... |
@@ -322,7 +321,6 @@ static void html_tag_arg_add(tag_arguments_t *tags, |
322 | 322 |
} |
323 | 323 |
tags->contents[tags->count-1]=NULL; |
324 | 324 |
} |
325 |
-#endif |
|
326 | 325 |
tags->tag[tags->count-1] = cli_strdup(tag); |
327 | 326 |
if (value) { |
328 | 327 |
if (*value == '"') { |
... | ... |
@@ -349,12 +347,10 @@ abort: |
349 | 349 |
if (tags->value) { |
350 | 350 |
free(tags->value[i]); |
351 | 351 |
} |
352 |
-#ifdef CL_EXPERIMENTAL |
|
353 | 352 |
if(tags->contents) { |
354 | 353 |
if(tags->contents[i]) |
355 | 354 |
blobDestroy(tags->contents[i]); |
356 | 355 |
} |
357 |
-#endif |
|
358 | 356 |
} |
359 | 357 |
if (tags->tag) { |
360 | 358 |
free(tags->tag); |
... | ... |
@@ -362,11 +358,9 @@ abort: |
362 | 362 |
if (tags->value) { |
363 | 363 |
free(tags->value); |
364 | 364 |
} |
365 |
-#ifdef CL_EXPERIMENTAL |
|
366 | 365 |
if (tags->contents) |
367 | 366 |
free(tags->contents); |
368 | 367 |
tags->contents=NULL; |
369 |
-#endif |
|
370 | 368 |
tags->tag = tags->value = NULL; |
371 | 369 |
tags->count = 0; |
372 | 370 |
return; |
... | ... |
@@ -402,11 +396,9 @@ void html_tag_arg_free(tag_arguments_t *tags) |
402 | 402 |
if (tags->value[i]) { |
403 | 403 |
free(tags->value[i]); |
404 | 404 |
} |
405 |
-#ifdef CL_EXPERIMENTAL |
|
406 | 405 |
if(tags->contents) |
407 | 406 |
if (tags->contents[i]) |
408 | 407 |
blobDestroy(tags->contents[i]); |
409 |
-#endif |
|
410 | 408 |
} |
411 | 409 |
if (tags->tag) { |
412 | 410 |
free(tags->tag); |
... | ... |
@@ -414,16 +406,13 @@ void html_tag_arg_free(tag_arguments_t *tags) |
414 | 414 |
if (tags->value) { |
415 | 415 |
free(tags->value); |
416 | 416 |
} |
417 |
-#ifdef CL_EXPERIMENTAL |
|
418 | 417 |
if(tags->contents) |
419 | 418 |
free(tags->contents); |
420 | 419 |
tags->contents = NULL; |
421 |
-#endif |
|
422 | 420 |
tags->tag = tags->value = NULL; |
423 | 421 |
tags->count = 0; |
424 | 422 |
} |
425 | 423 |
|
426 |
-#ifdef CL_EXPERIMENTAL |
|
427 | 424 |
/** |
428 | 425 |
* this is used for img, and iframe tags. If they are inside an <a href> tag, then set the contents of the image|iframe to the real URL. |
429 | 426 |
*/ |
... | ... |
@@ -460,9 +449,9 @@ static inline void html_tag_contents_length_check(tag_arguments_t *tags,int* idx |
460 | 460 |
*idx=0;/*in_ahref=0;*/ |
461 | 461 |
} |
462 | 462 |
} |
463 |
-#endif |
|
464 | 463 |
|
465 |
-static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag_arguments_t *hrefs) |
|
464 |
+ |
|
465 |
+static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag_arguments_t *hrefs,const struct cli_dconf* dconf) |
|
466 | 466 |
{ |
467 | 467 |
int fd_tmp, tag_length, tag_arg_length, binary; |
468 | 468 |
int retval=FALSE, escape, value = 0, hex, tag_val_length=0, table_pos, in_script=FALSE; |
... | ... |
@@ -476,21 +465,20 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
476 | 476 |
unsigned long length; |
477 | 477 |
file_buff_t *file_buff_o1, *file_buff_o2, *file_buff_script; |
478 | 478 |
file_buff_t *file_tmp_o1; |
479 |
-#ifdef CL_EXPERIMENTAL |
|
480 | 479 |
int in_ahref=0;/* index of <a> tag, whose contents we are parsing. Indexing starts from 1, 0 means outside of <a>*/ |
481 | 480 |
unsigned char* href_contents_begin=NULL;/*beginning of the next portion of <a> contents*/ |
482 | 481 |
unsigned char* ptrend=NULL;/*end of <a> contents*/ |
483 | 482 |
unsigned char* in_form_action = NULL;/* the action URL of the current <form> tag, if any*/ |
483 |
+ |
|
484 | 484 |
struct entity_conv conv; |
485 | 485 |
int rc; |
486 | 486 |
unsigned char entity_val[HTML_STR_LENGTH+1]; |
487 | 487 |
size_t entity_val_length = 0; |
488 |
+ const int dconf_entconv = dconf && dconf->phishing&PHISHING_CONF_ENTCONV; |
|
489 |
+ /* dconf for phishing engine sets scanContents, so no need for a flag here */ |
|
488 | 490 |
|
489 |
- tag_args.scanContents=0;/* do we need to store the contents of <a></a>?*/ |
|
490 |
- if(( rc = init_entity_converter(&conv, UNKNOWN, 16384) )) |
|
491 |
- return rc; |
|
492 |
-#endif |
|
493 | 491 |
|
492 |
+ tag_args.scanContents=0;/* do we need to store the contents of <a></a>?*/ |
|
494 | 493 |
if (!m_area) { |
495 | 494 |
if (fd < 0) { |
496 | 495 |
cli_dbgmsg("Invalid HTML fd\n"); |
... | ... |
@@ -508,12 +496,17 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
508 | 508 |
} |
509 | 509 |
} |
510 | 510 |
|
511 |
+ if(dconf_entconv && (rc = init_entity_converter(&conv, UNKNOWN, 16384) )) { |
|
512 |
+ if (!m_area) { |
|
513 |
+ fclose(stream_in); |
|
514 |
+ } |
|
515 |
+ return rc; |
|
516 |
+ } |
|
517 |
+ |
|
511 | 518 |
tag_args.count = 0; |
512 | 519 |
tag_args.tag = NULL; |
513 | 520 |
tag_args.value = NULL; |
514 |
-#ifdef CL_EXPERIMENTAL |
|
515 | 521 |
tag_args.contents = NULL; |
516 |
-#endif |
|
517 | 522 |
|
518 | 523 |
if (dirname) { |
519 | 524 |
snprintf(filename, 1024, "%s/rfc2397", dirname); |
... | ... |
@@ -589,17 +582,14 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
589 | 589 |
|
590 | 590 |
binary = FALSE; |
591 | 591 |
|
592 |
-#ifdef CL_EXPERIMENTAL |
|
593 |
- ptr = line = encoding_norm_readline(&conv, stream_in, m_area, 8192); |
|
594 |
-#else |
|
595 |
- ptr = line = cli_readline(stream_in, m_area, 8192); |
|
596 |
-#endif |
|
592 |
+ if(dconf_entconv) |
|
593 |
+ ptr = line = encoding_norm_readline(&conv, stream_in, m_area, 8192); |
|
594 |
+ else |
|
595 |
+ ptr = line = cli_readline(stream_in, m_area, 8192); |
|
597 | 596 |
|
598 | 597 |
while (line) { |
599 |
-#ifdef CL_EXPERIMENTAL |
|
600 | 598 |
if(href_contents_begin) |
601 | 599 |
href_contents_begin=ptr;/*start of a new line, last line already appended to contents see below*/ |
602 |
-#endif |
|
603 | 600 |
while (*ptr && isspace(*ptr)) { |
604 | 601 |
ptr++; |
605 | 602 |
} |
... | ... |
@@ -647,21 +637,17 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
647 | 647 |
break; |
648 | 648 |
case HTML_NORM: |
649 | 649 |
if (*ptr == '<') { |
650 |
-#ifdef CL_EXPERIMENTAL |
|
651 | 650 |
ptrend=ptr; /* for use by scanContents */ |
652 |
-#endif |
|
653 | 651 |
html_output_c(file_buff_o1, file_buff_o2, '<'); |
654 | 652 |
if (in_script) { |
655 | 653 |
html_output_c(file_buff_script, NULL, '<'); |
656 | 654 |
} |
657 |
-#ifdef CL_EXPERIMENTAL |
|
658 | 655 |
if(hrefs && hrefs->scanContents && in_ahref && href_contents_begin) { |
659 | 656 |
/*append this text portion to the contents of <a>*/ |
660 | 657 |
html_tag_contents_append(hrefs,in_ahref,href_contents_begin,ptr); |
661 | 658 |
html_tag_contents_length_check(hrefs,&in_ahref); |
662 | 659 |
href_contents_begin=NULL;/*We just encountered another tag inside <a>, so skip it*/ |
663 | 660 |
} |
664 |
-#endif |
|
665 | 661 |
ptr++; |
666 | 662 |
state = HTML_SKIP_WS; |
667 | 663 |
tag_length=0; |
... | ... |
@@ -931,7 +917,6 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
931 | 931 |
in_script=FALSE; |
932 | 932 |
html_output_c(file_buff_script, NULL, '\n'); |
933 | 933 |
} |
934 |
-#ifdef CL_EXPERIMENTAL |
|
935 | 934 |
if (hrefs && hrefs->scanContents && in_ahref) { |
936 | 935 |
if(strcmp(tag,"/a") == 0) { |
937 | 936 |
html_tag_contents_done(hrefs,in_ahref); |
... | ... |
@@ -941,11 +926,10 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
941 | 941 |
href_contents_begin=ptr; |
942 | 942 |
} |
943 | 943 |
if (strcmp(tag, "/form") == 0) { |
944 |
- if (in_form_action) |
|
945 |
- free(in_form_action); |
|
944 |
+ if (in_form_action) |
|
945 |
+ free(in_form_action); |
|
946 | 946 |
in_form_action = NULL; |
947 | 947 |
} |
948 |
-#endif |
|
949 | 948 |
} else if (strcmp(tag, "script") == 0) { |
950 | 949 |
arg_value = html_tag_arg_value(&tag_args, "language"); |
951 | 950 |
if (arg_value && (strcasecmp(arg_value, "jscript.encode") == 0)) { |
... | ... |
@@ -960,8 +944,7 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
960 | 960 |
in_script = TRUE; |
961 | 961 |
} |
962 | 962 |
html_output_tag(file_buff_script, tag, &tag_args); |
963 |
-#ifdef CL_EXPERIMENTAL |
|
964 |
- } else if (strcmp(tag, "meta") == 0) { |
|
963 |
+ } else if (dconf_entconv && strcmp(tag, "meta") == 0) { |
|
965 | 964 |
const unsigned char* http_equiv = html_tag_arg_value(&tag_args, "http-equiv"); |
966 | 965 |
const unsigned char* http_content = html_tag_arg_value(&tag_args, "content"); |
967 | 966 |
if(http_equiv && http_content && strcasecmp(http_equiv,"content-type") == 0) { |
... | ... |
@@ -983,22 +966,18 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
983 | 983 |
charset++;/* skip = */ |
984 | 984 |
len = strcspn((const char*)charset," \"'"); |
985 | 985 |
charset[len] = '\0'; |
986 |
- if(len) |
|
986 |
+ if(len) { |
|
987 | 987 |
process_encoding_set(&conv, charset, META); |
988 |
+ } |
|
988 | 989 |
} |
989 | 990 |
free(http_content2); |
990 | 991 |
} |
991 |
- |
|
992 |
-#endif |
|
993 | 992 |
} else if (hrefs) { |
994 |
-#ifdef CL_EXPERIMENTAL |
|
995 | 993 |
if(in_ahref && !href_contents_begin) |
996 | 994 |
href_contents_begin=ptr; |
997 |
-#endif |
|
998 | 995 |
if (strcmp(tag, "a") == 0) { |
999 | 996 |
arg_value = html_tag_arg_value(&tag_args, "href"); |
1000 | 997 |
if (arg_value && strlen(arg_value) > 0) { |
1001 |
-#ifdef CL_EXPERIMENTAL |
|
1002 | 998 |
if (hrefs->scanContents) { |
1003 | 999 |
unsigned char* arg_value_title = html_tag_arg_value(&tag_args,"title"); |
1004 | 1000 |
/*beginning of an <a> tag*/ |
... | ... |
@@ -1028,17 +1007,13 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1028 | 1028 |
html_tag_contents_done(hrefs,hrefs->count); |
1029 | 1029 |
} |
1030 | 1030 |
} |
1031 |
-#endif |
|
1032 | 1031 |
html_tag_arg_add(hrefs, "href", arg_value); |
1033 |
-#ifdef CL_EXPERIMENTAL |
|
1034 | 1032 |
if (hrefs->scanContents) { |
1035 | 1033 |
in_ahref=hrefs->count; /* index of this tag (counted from 1) */ |
1036 | 1034 |
href_contents_begin=ptr;/* contents begin after <a ..> ends */ |
1037 | 1035 |
hrefs->contents[hrefs->count-1]=blobCreate(); |
1038 | 1036 |
} |
1039 |
-#endif |
|
1040 | 1037 |
} |
1041 |
-#ifdef CL_EXPERIMENTAL |
|
1042 | 1038 |
} else if (strcmp(tag,"form") == 0 && hrefs->scanContents) { |
1043 | 1039 |
const unsigned char* arg_action_value = html_tag_arg_value(&tag_args,"action"); |
1044 | 1040 |
if (arg_action_value) { |
... | ... |
@@ -1046,12 +1021,10 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1046 | 1046 |
free(in_form_action); |
1047 | 1047 |
in_form_action = cli_strdup(arg_action_value); |
1048 | 1048 |
} |
1049 |
-#endif |
|
1050 | 1049 |
} else if (strcmp(tag, "img") == 0) { |
1051 | 1050 |
arg_value = html_tag_arg_value(&tag_args, "src"); |
1052 | 1051 |
if (arg_value && strlen(arg_value) > 0) { |
1053 | 1052 |
html_tag_arg_add(hrefs, "src", arg_value); |
1054 |
-#ifdef CL_EXPERIMENTAL |
|
1055 | 1053 |
if(hrefs->scanContents && in_ahref) |
1056 | 1054 |
/* "contents" of an img tag, is the URL of its parent <a> tag */ |
1057 | 1055 |
html_tag_set_inahref(hrefs,hrefs->count,in_ahref); |
... | ... |
@@ -1063,12 +1036,10 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1063 | 1063 |
in_form_action + strlen(in_form_action)); |
1064 | 1064 |
html_tag_contents_done(hrefs,hrefs->count); |
1065 | 1065 |
} |
1066 |
-#endif |
|
1067 | 1066 |
} |
1068 | 1067 |
arg_value = html_tag_arg_value(&tag_args, "dynsrc"); |
1069 | 1068 |
if (arg_value && strlen(arg_value) > 0) { |
1070 | 1069 |
html_tag_arg_add(hrefs, "dynsrc", arg_value); |
1071 |
-#ifdef CL_EXPERIMENTAL |
|
1072 | 1070 |
if(hrefs->scanContents && in_ahref) |
1073 | 1071 |
/* see above */ |
1074 | 1072 |
html_tag_set_inahref(hrefs,hrefs->count,in_ahref); |
... | ... |
@@ -1080,13 +1051,11 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1080 | 1080 |
in_form_action + strlen(in_form_action)); |
1081 | 1081 |
html_tag_contents_done(hrefs,hrefs->count); |
1082 | 1082 |
} |
1083 |
-#endif |
|
1084 | 1083 |
} |
1085 | 1084 |
} else if (strcmp(tag, "iframe") == 0) { |
1086 | 1085 |
arg_value = html_tag_arg_value(&tag_args, "src"); |
1087 | 1086 |
if (arg_value && strlen(arg_value) > 0) { |
1088 | 1087 |
html_tag_arg_add(hrefs, "iframe", arg_value); |
1089 |
-#ifdef CL_EXPERIMENTAL |
|
1090 | 1088 |
if(hrefs->scanContents && in_ahref) |
1091 | 1089 |
/* see above */ |
1092 | 1090 |
html_tag_set_inahref(hrefs,hrefs->count,in_ahref); |
... | ... |
@@ -1114,7 +1083,6 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1114 | 1114 |
in_form_action + strlen(in_form_action)); |
1115 | 1115 |
html_tag_contents_done(hrefs,hrefs->count); |
1116 | 1116 |
} |
1117 |
-#endif |
|
1118 | 1117 |
} |
1119 | 1118 |
} |
1120 | 1119 |
/* TODO:imagemaps can have urls too */ |
... | ... |
@@ -1128,20 +1096,19 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1128 | 1128 |
state = HTML_CHAR_REF_DECODE; |
1129 | 1129 |
ptr++; |
1130 | 1130 |
} else { |
1131 |
-#ifdef CL_EXPERIMENTAL |
|
1132 |
- state = HTML_ENTITY_REF_DECODE; |
|
1133 |
-#else |
|
1134 |
- if(next_state == HTML_TAG_ARG_VAL && tag_val_length < HTML_STR_LENGTH) { |
|
1135 |
- tag_val[tag_val_length++] = '&'; |
|
1136 |
- } |
|
1137 |
- html_output_c(file_buff_o1, file_buff_o2, '&'); |
|
1131 |
+ if(dconf_entconv) |
|
1132 |
+ state = HTML_ENTITY_REF_DECODE; |
|
1133 |
+ else { |
|
1134 |
+ if(next_state == HTML_TAG_ARG_VAL && tag_val_length < HTML_STR_LENGTH) { |
|
1135 |
+ tag_val[tag_val_length++] = '&'; |
|
1136 |
+ } |
|
1137 |
+ html_output_c(file_buff_o1, file_buff_o2, '&'); |
|
1138 | 1138 |
|
1139 |
- state = next_state; |
|
1140 |
- next_state = HTML_BAD_STATE; |
|
1141 |
-#endif |
|
1139 |
+ state = next_state; |
|
1140 |
+ next_state = HTML_BAD_STATE; |
|
1141 |
+ } |
|
1142 | 1142 |
} |
1143 | 1143 |
break; |
1144 |
-#ifdef CL_EXPERIMENTAL |
|
1145 | 1144 |
case HTML_ENTITY_REF_DECODE: |
1146 | 1145 |
if(*ptr == ';') { |
1147 | 1146 |
size_t i; |
... | ... |
@@ -1203,29 +1170,27 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1203 | 1203 |
entity_val_length = 0; |
1204 | 1204 |
} |
1205 | 1205 |
break; |
1206 |
-#endif |
|
1207 | 1206 |
case HTML_CHAR_REF_DECODE: |
1208 | 1207 |
if ((value==0) && ((*ptr == 'x') || (*ptr == 'X'))) { |
1209 | 1208 |
hex=TRUE; |
1210 | 1209 |
ptr++; |
1211 | 1210 |
} else if (*ptr == ';') { |
1212 |
-#ifdef CL_EXPERIMENTAL |
|
1213 |
- if (next_state==HTML_TAG_ARG_VAL && tag_val_length < HTML_STR_LENGTH) { |
|
1214 |
- tag_val[tag_val_length++] = value; /* store encoded values too */ |
|
1215 |
- } |
|
1211 |
+ if(dconf_entconv) { |
|
1212 |
+ if (next_state==HTML_TAG_ARG_VAL && tag_val_length < HTML_STR_LENGTH) { |
|
1213 |
+ tag_val[tag_val_length++] = value; /* store encoded values too */ |
|
1214 |
+ } |
|
1216 | 1215 |
|
1217 |
- if(value < 0x80) |
|
1218 |
- html_output_c(file_buff_o1, file_buff_o2, tolower(value)); |
|
1219 |
- else { |
|
1220 |
- unsigned char buff[10]; |
|
1221 |
- snprintf((char*)buff,9,"&#%d;",value); |
|
1222 |
- buff[9] = '\0'; |
|
1223 |
- html_output_str(file_buff_o1, buff, strlen(buff)); |
|
1224 |
- html_output_str(file_buff_o2, buff, strlen(buff)); |
|
1225 |
- } |
|
1226 |
-#else |
|
1227 |
- html_output_c(file_buff_o1, file_buff_o2, value); |
|
1228 |
-#endif |
|
1216 |
+ if(value < 0x80) |
|
1217 |
+ html_output_c(file_buff_o1, file_buff_o2, tolower(value)); |
|
1218 |
+ else { |
|
1219 |
+ unsigned char buff[10]; |
|
1220 |
+ snprintf((char*)buff,9,"&#%d;",value); |
|
1221 |
+ buff[9] = '\0'; |
|
1222 |
+ html_output_str(file_buff_o1, buff, strlen(buff)); |
|
1223 |
+ html_output_str(file_buff_o2, buff, strlen(buff)); |
|
1224 |
+ } |
|
1225 |
+ } else |
|
1226 |
+ html_output_c(file_buff_o1, file_buff_o2, tolower(value)); |
|
1229 | 1227 |
state = next_state; |
1230 | 1228 |
next_state = HTML_BAD_STATE; |
1231 | 1229 |
ptr++; |
... | ... |
@@ -1510,22 +1475,19 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1510 | 1510 |
break; |
1511 | 1511 |
} |
1512 | 1512 |
} |
1513 |
-#ifdef CL_EXPERIMENTAL |
|
1514 | 1513 |
if(hrefs && hrefs->scanContents && in_ahref && href_contents_begin) |
1515 | 1514 |
/* end of line, append contents now, resume on next line */ |
1516 | 1515 |
html_tag_contents_append(hrefs,in_ahref,href_contents_begin,ptr); |
1517 | 1516 |
ptrend = NULL; |
1518 |
-#endif |
|
1519 | 1517 |
free(line); |
1520 |
-#ifdef CL_EXPERIMENTAL |
|
1521 |
- ptr = line = encoding_norm_readline(&conv, stream_in, m_area, 8192); |
|
1522 |
-#else |
|
1523 |
- ptr = line = cli_readline(stream_in, m_area, 8192); |
|
1524 |
-#endif /* not CL_EXPERIMENTAL */ |
|
1518 |
+ if(dconf_entconv) |
|
1519 |
+ ptr = line = encoding_norm_readline(&conv, stream_in, m_area, 8192); |
|
1520 |
+ else |
|
1521 |
+ ptr = line = cli_readline(stream_in, m_area, 8192); |
|
1525 | 1522 |
} |
1526 | 1523 |
|
1527 |
-#ifdef CL_EXPERIMENTAL |
|
1528 |
- {/* handle "unfinished" entitites */ |
|
1524 |
+ if(dconf_entconv) { |
|
1525 |
+ /* handle "unfinished" entitites */ |
|
1529 | 1526 |
size_t i; |
1530 | 1527 |
unsigned char* normalized; |
1531 | 1528 |
entity_val[entity_val_length] = '\0'; |
... | ... |
@@ -1543,16 +1505,15 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag |
1543 | 1543 |
} |
1544 | 1544 |
} |
1545 | 1545 |
} |
1546 |
-#endif |
|
1547 | 1546 |
retval = TRUE; |
1548 | 1547 |
abort: |
1549 |
-#ifdef CL_EXPERIMENTAL |
|
1550 | 1548 |
if (in_form_action) |
1551 | 1549 |
free(in_form_action); |
1552 | 1550 |
if (in_ahref) /* tag not closed, force closing */ |
1553 | 1551 |
html_tag_contents_done(hrefs,in_ahref); |
1554 |
- entity_norm_done(&conv); |
|
1555 |
-#endif |
|
1552 |
+ |
|
1553 |
+ if(dconf_entconv) |
|
1554 |
+ entity_norm_done(&conv); |
|
1556 | 1555 |
html_tag_arg_free(&tag_args); |
1557 | 1556 |
if (!m_area) { |
1558 | 1557 |
fclose(stream_in); |
... | ... |
@@ -1575,7 +1536,7 @@ abort: |
1575 | 1575 |
return retval; |
1576 | 1576 |
} |
1577 | 1577 |
|
1578 |
-int html_normalise_mem(unsigned char *in_buff, off_t in_size, const char *dirname, tag_arguments_t *hrefs) |
|
1578 |
+int html_normalise_mem(unsigned char *in_buff, off_t in_size, const char *dirname, tag_arguments_t *hrefs,const struct cli_dconf* dconf) |
|
1579 | 1579 |
{ |
1580 | 1580 |
m_area_t m_area; |
1581 | 1581 |
|
... | ... |
@@ -1583,10 +1544,10 @@ int html_normalise_mem(unsigned char *in_buff, off_t in_size, const char *dirnam |
1583 | 1583 |
m_area.length = in_size; |
1584 | 1584 |
m_area.offset = 0; |
1585 | 1585 |
|
1586 |
- return cli_html_normalise(-1, &m_area, dirname, hrefs); |
|
1586 |
+ return cli_html_normalise(-1, &m_area, dirname, hrefs, dconf); |
|
1587 | 1587 |
} |
1588 | 1588 |
|
1589 |
-int html_normalise_fd(int fd, const char *dirname, tag_arguments_t *hrefs) |
|
1589 |
+int html_normalise_fd(int fd, const char *dirname, tag_arguments_t *hrefs,const struct cli_dconf* dconf) |
|
1590 | 1590 |
{ |
1591 | 1591 |
#if HAVE_MMAP |
1592 | 1592 |
int retval=FALSE; |
... | ... |
@@ -1599,19 +1560,19 @@ int html_normalise_fd(int fd, const char *dirname, tag_arguments_t *hrefs) |
1599 | 1599 |
m_area.offset = 0; |
1600 | 1600 |
if (m_area.buffer == MAP_FAILED) { |
1601 | 1601 |
cli_dbgmsg("mmap HTML failed\n"); |
1602 |
- retval = cli_html_normalise(fd, NULL, dirname, hrefs); |
|
1602 |
+ retval = cli_html_normalise(fd, NULL, dirname, hrefs, dconf); |
|
1603 | 1603 |
} else { |
1604 | 1604 |
cli_dbgmsg("mmap'ed file\n"); |
1605 |
- retval = cli_html_normalise(-1, &m_area, dirname, hrefs); |
|
1605 |
+ retval = cli_html_normalise(-1, &m_area, dirname, hrefs, dconf); |
|
1606 | 1606 |
munmap(m_area.buffer, m_area.length); |
1607 | 1607 |
} |
1608 | 1608 |
} else { |
1609 | 1609 |
cli_dbgmsg("fstat HTML failed\n"); |
1610 |
- retval = cli_html_normalise(fd, NULL, dirname, hrefs); |
|
1610 |
+ retval = cli_html_normalise(fd, NULL, dirname, hrefs, dconf); |
|
1611 | 1611 |
} |
1612 | 1612 |
return retval; |
1613 | 1613 |
#else |
1614 |
- return cli_html_normalise(fd, NULL, dirname, hrefs); |
|
1614 |
+ return cli_html_normalise(fd, NULL, dirname, hrefs, dconf); |
|
1615 | 1615 |
#endif |
1616 | 1616 |
} |
1617 | 1617 |
|
... | ... |
@@ -37,8 +37,8 @@ typedef struct m_area_tag { |
37 | 37 |
|
38 | 38 |
|
39 | 39 |
unsigned char *cli_readline(FILE *stream, m_area_t *m_area, unsigned int max_len); |
40 |
-int html_normalise_mem(unsigned char *in_buff, off_t in_size, const char *dirname, tag_arguments_t *hrefs); |
|
41 |
-int html_normalise_fd(int fd, const char *dirname, tag_arguments_t *hrefs); |
|
40 |
+int html_normalise_mem(unsigned char *in_buff, off_t in_size, const char *dirname, tag_arguments_t *hrefs,const struct cli_dconf* dconf); |
|
41 |
+int html_normalise_fd(int fd, const char *dirname, tag_arguments_t *hrefs,const struct cli_dconf* dconf); |
|
42 | 42 |
void html_tag_arg_free(tag_arguments_t *tags); |
43 | 43 |
int html_screnc_decode(int fd, const char *dirname); |
44 | 44 |
|
... | ... |
@@ -20,7 +20,6 @@ |
20 | 20 |
* |
21 | 21 |
*/ |
22 | 22 |
|
23 |
-#ifdef CL_EXPERIMENTAL |
|
24 | 23 |
|
25 | 24 |
#ifndef _PHISH_DOMAINCHECK_DB_H |
26 | 25 |
#define _PHISH_DOMAINCHECK_DB_H |
... | ... |
@@ -34,4 +33,3 @@ int domainlist_match(const struct cl_engine* engine,const char* real_url,const c |
34 | 34 |
|
35 | 35 |
#endif |
36 | 36 |
|
37 |
-#endif |
... | ... |
@@ -24,8 +24,6 @@ |
24 | 24 |
#include "clamav-config.h" |
25 | 25 |
#endif |
26 | 26 |
|
27 |
-#ifdef CL_EXPERIMENTAL |
|
28 |
- |
|
29 | 27 |
#ifndef CL_DEBUG |
30 | 28 |
#define NDEBUG |
31 | 29 |
#endif |
... | ... |
@@ -746,18 +744,13 @@ cleanupURL(struct string *URL, int isReal) |
746 | 746 |
} |
747 | 747 |
|
748 | 748 |
|
749 |
-/* ---- runtime disable ------*/ |
|
750 |
-void phish_disable(struct cl_engine* engine, const char* reason) |
|
751 |
-{ |
|
752 |
- cli_warnmsg("Disabling phishing checks, reason:%s\n",reason); |
|
753 |
- phishing_done(engine);/* sets is_disabled, and frees allocated mem for phishcheck */ |
|
754 |
-} |
|
755 | 749 |
/* -------end runtime disable---------*/ |
756 | 750 |
|
757 | 751 |
int phishingScan(message* m,const char* dir,cli_ctx* ctx,tag_arguments_t* hrefs) |
758 | 752 |
{ |
759 | 753 |
int i; |
760 | 754 |
struct phishcheck* pchk = (struct phishcheck*) ctx->engine->phishcheck; |
755 |
+ /* check for status of whitelist fatal error, etc. */ |
|
761 | 756 |
if(!pchk || pchk->is_disabled) |
762 | 757 |
return CL_CLEAN; |
763 | 758 |
|
... | ... |
@@ -1285,4 +1278,3 @@ static const char* phishing_ret_toString(enum phish_status rc) |
1285 | 1285 |
} |
1286 | 1286 |
} |
1287 | 1287 |
|
1288 |
-#endif |
... | ... |
@@ -1192,7 +1192,7 @@ static int cli_scanhtml(int desc, cli_ctx *ctx) |
1192 | 1192 |
return CL_ETMPDIR; |
1193 | 1193 |
} |
1194 | 1194 |
|
1195 |
- html_normalise_fd(desc, tempname, NULL); |
|
1195 |
+ html_normalise_fd(desc, tempname, NULL, ctx->dconf); |
|
1196 | 1196 |
snprintf(fullname, 1024, "%s/comment.html", tempname); |
1197 | 1197 |
fd = open(fullname, O_RDONLY|O_BINARY); |
1198 | 1198 |
if (fd >= 0) { |