git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@216 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/01/28 19:16:51... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Wed Jan 28 10:16:49 GMT 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav: Added support to scan some bounce messages |
|
4 |
+ Thanks to Jay <sysop-clamav@coronastreet.net> for |
|
5 |
+ letting me bounce ideas off him |
|
6 |
+ |
|
1 | 7 |
Tue Jan 27 22:36:31 CET 2004 (tk) |
2 | 8 |
--------------------------------- |
3 | 9 |
* clamd: clamuko: support VirusEvent (requested by Matt Butt |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: mbox.c,v $ |
20 |
+ * Revision 1.35 2004/01/28 10:15:24 nigelhorne |
|
21 |
+ * Added support to scan some bounce messages |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.34 2004/01/24 17:43:37 nigelhorne |
21 | 24 |
* Removed (incorrect) warning about uninitialised variable |
22 | 25 |
* |
... | ... |
@@ -93,7 +96,7 @@ |
93 | 93 |
* Compilable under SCO; removed duplicate code with message.c |
94 | 94 |
* |
95 | 95 |
*/ |
96 |
-static char const rcsid[] = "$Id: mbox.c,v 1.34 2004/01/24 17:43:37 nigelhorne Exp $"; |
|
96 |
+static char const rcsid[] = "$Id: mbox.c,v 1.35 2004/01/28 10:15:24 nigelhorne Exp $"; |
|
97 | 97 |
|
98 | 98 |
#ifndef CL_DEBUG |
99 | 99 |
/*#define NDEBUG /* map CLAMAV debug onto standard */ |
... | ... |
@@ -156,6 +159,7 @@ static size_t strip(char *buf, int len); |
156 | 156 |
static size_t strstrip(char *s); |
157 | 157 |
static bool continuationMarker(const char *line); |
158 | 158 |
static int parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const char *arg); |
159 |
+static void saveTextPart(message *m, const char *dir); |
|
159 | 160 |
static bool saveFile(const blob *b, const char *dir); |
160 | 161 |
|
161 | 162 |
/* Maximum number of attachments that we accept */ |
... | ... |
@@ -1158,9 +1162,9 @@ parseEmailBody(message *messageIn, blob **blobsIn, int nBlobs, text *textIn, con |
1158 | 1158 |
/* |
1159 | 1159 |
* Look for uu-encoded main file |
1160 | 1160 |
*/ |
1161 |
- const text *t_line = uuencodeBegin(mainMessage); |
|
1161 |
+ const text *t_line; |
|
1162 | 1162 |
|
1163 |
- if(t_line != NULL) { |
|
1163 |
+ if((t_line = uuencodeBegin(mainMessage)) != NULL) { |
|
1164 | 1164 |
cli_dbgmsg("Found uuencoded file\n"); |
1165 | 1165 |
|
1166 | 1166 |
/* |
... | ... |
@@ -1176,21 +1180,40 @@ parseEmailBody(message *messageIn, blob **blobsIn, int nBlobs, text *textIn, con |
1176 | 1176 |
} |
1177 | 1177 |
blobDestroy(b); |
1178 | 1178 |
} |
1179 |
- } else { |
|
1180 |
- cli_dbgmsg("Not found uuencoded file\n"); |
|
1179 |
+ } else if((t_line = bounceBegin(mainMessage)) != NULL) { |
|
1180 |
+ /* |
|
1181 |
+ * Attempt to save the original (unbounced) |
|
1182 |
+ * message - clamscan will find that in the |
|
1183 |
+ * directory and call us again (with any luck) |
|
1184 |
+ * having found an e-mail message to handle |
|
1185 |
+ */ |
|
1181 | 1186 |
|
1182 |
- messageAddArgument(mainMessage, "filename=textportion"); |
|
1183 |
- if((b = messageToBlob(mainMessage)) != NULL) { |
|
1184 |
- /* |
|
1185 |
- * Save main part to scan that |
|
1186 |
- */ |
|
1187 |
- cli_dbgmsg("Saving main message, encoded with scheme %d\n", |
|
1188 |
- messageGetEncoding(mainMessage)); |
|
1187 |
+ /* |
|
1188 |
+ * Ignore the blank lines before the message |
|
1189 |
+ * proper |
|
1190 |
+ */ |
|
1191 |
+ while((t_line = t_line->t_next) != NULL) |
|
1192 |
+ if(strcmp(t_line->t_text, "") != 0) |
|
1193 |
+ break; |
|
1194 |
+ |
|
1195 |
+ if(t_line == NULL) { |
|
1196 |
+ cli_dbgmsg("Not found bounce message\n"); |
|
1197 |
+ saveTextPart(mainMessage, dir); |
|
1198 |
+ } else if((b = blobCreate()) != NULL) { |
|
1199 |
+ cli_dbgmsg("Found a bounce message\n"); |
|
1200 |
+ do { |
|
1201 |
+ blobAddData(b, (unsigned char *)t_line->t_text, strlen(t_line->t_text)); |
|
1202 |
+ blobAddData(b, (unsigned char *)"\n", 1); |
|
1203 |
+ } while((t_line = t_line->t_next) != NULL); |
|
1189 | 1204 |
|
1190 |
- (void)saveFile(b, dir); |
|
1205 |
+ saveFile(b, dir); |
|
1191 | 1206 |
|
1192 | 1207 |
blobDestroy(b); |
1193 | 1208 |
} |
1209 |
+ } else { |
|
1210 |
+ cli_dbgmsg("Not found uuencoded file\n"); |
|
1211 |
+ |
|
1212 |
+ saveTextPart(mainMessage, dir); |
|
1194 | 1213 |
} |
1195 | 1214 |
} else |
1196 | 1215 |
rc = (multiparts) ? 1 : 2; /* anything saved? */ |
... | ... |
@@ -1495,6 +1518,28 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
1495 | 1495 |
} |
1496 | 1496 |
|
1497 | 1497 |
/* |
1498 |
+ * Save the text portion of the message |
|
1499 |
+ */ |
|
1500 |
+static void |
|
1501 |
+saveTextPart(message *m, const char *dir) |
|
1502 |
+{ |
|
1503 |
+ blob *b; |
|
1504 |
+ |
|
1505 |
+ messageAddArgument(m, "filename=textportion"); |
|
1506 |
+ if((b = messageToBlob(m)) != NULL) { |
|
1507 |
+ /* |
|
1508 |
+ * Save main part to scan that |
|
1509 |
+ */ |
|
1510 |
+ cli_dbgmsg("Saving main message, encoded with scheme %d\n", |
|
1511 |
+ messageGetEncoding(m)); |
|
1512 |
+ |
|
1513 |
+ (void)saveFile(b, dir); |
|
1514 |
+ |
|
1515 |
+ blobDestroy(b); |
|
1516 |
+ } |
|
1517 |
+} |
|
1518 |
+ |
|
1519 |
+/* |
|
1498 | 1520 |
* Save some data as a unique file in the given directory. |
1499 | 1521 |
*/ |
1500 | 1522 |
static bool |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: message.c,v $ |
20 |
+ * Revision 1.16 2004/01/28 10:15:24 nigelhorne |
|
21 |
+ * Added support to scan some bounce messages |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.15 2004/01/14 10:08:45 nigelhorne |
21 | 24 |
* blobGetData now allows contents to be changed - tuttut |
22 | 25 |
* |
... | ... |
@@ -42,7 +45,7 @@ |
42 | 42 |
* uuencodebegin() no longer static |
43 | 43 |
* |
44 | 44 |
*/ |
45 |
-static char const rcsid[] = "$Id: message.c,v 1.15 2004/01/14 10:08:45 nigelhorne Exp $"; |
|
45 |
+static char const rcsid[] = "$Id: message.c,v 1.16 2004/01/28 10:15:24 nigelhorne Exp $"; |
|
46 | 46 |
|
47 | 47 |
#ifndef CL_DEBUG |
48 | 48 |
/*#define NDEBUG /* map CLAMAV debug onto standard */ |
... | ... |
@@ -965,6 +968,23 @@ binhexBegin(const message *m) |
965 | 965 |
} |
966 | 966 |
|
967 | 967 |
/* |
968 |
+ * Scan to find a bounce message. There is no standard for these, not |
|
969 |
+ * even a convention, so don't expect this to be foolproof |
|
970 |
+ */ |
|
971 |
+const text * |
|
972 |
+bounceBegin(const message *m) |
|
973 |
+{ |
|
974 |
+ const text *t_line; |
|
975 |
+ |
|
976 |
+ for(t_line = messageGetBody(m); t_line; t_line = t_line->t_next) |
|
977 |
+ if((strcasecmp(t_line->t_text, "--- Below this line is a copy of the message.") == 0) || |
|
978 |
+ (strcasecmp(t_line->t_text, "------ This is a copy of the message, including all the headers. ------") == 0)) |
|
979 |
+ return t_line; |
|
980 |
+ |
|
981 |
+ return NULL; |
|
982 |
+} |
|
983 |
+ |
|
984 |
+/* |
|
968 | 985 |
* Decode a line and add it to a buffer, return the end of the buffer |
969 | 986 |
* to help appending callers. There is no new line at the end of "line" |
970 | 987 |
* |
... | ... |
@@ -16,6 +16,9 @@ |
16 | 16 |
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
17 | 17 |
* |
18 | 18 |
* $Log: message.h,v $ |
19 |
+ * Revision 1.5 2004/01/28 10:15:24 nigelhorne |
|
20 |
+ * Added support to scan some bounce messages |
|
21 |
+ * |
|
19 | 22 |
* Revision 1.4 2004/01/14 18:02:55 nigelhorne |
20 | 23 |
* added definition of binhexBegin |
21 | 24 |
* |
... | ... |
@@ -55,5 +58,6 @@ blob *messageToBlob(const message *m); |
55 | 55 |
text *messageToText(const message *m); |
56 | 56 |
const text *uuencodeBegin(const message *m); |
57 | 57 |
const text *binhexBegin(const message *m); |
58 |
+const text *bounceBegin(const message *m); |
|
58 | 59 |
|
59 | 60 |
#endif /*_MESSAGE_H*/ |