Browse code
Handle multiple content-type headers and use the most likely
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@889 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/09/17 19:57:56Showing 2 changed files
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Fri Sep 17 11:56:58 BST 2004 (njh) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav: Handle even more attempts to falsify the mime type |
|
| 4 |
+ |
|
| 1 | 5 |
Fri Sep 17 11:06:42 BST 2004 (trog) |
| 2 | 6 |
----------------------------------- |
| 3 | 7 |
* libclamav/htmlnorm.c: fix breakage resulting from yesterdays change |
| ... | ... |
@@ -17,6 +17,9 @@ |
| 17 | 17 |
* |
| 18 | 18 |
* Change History: |
| 19 | 19 |
* $Log: mbox.c,v $ |
| 20 |
+ * Revision 1.130 2004/09/17 10:56:29 nigelhorne |
|
| 21 |
+ * Handle multiple content-type headers and use the most likely |
|
| 22 |
+ * |
|
| 20 | 23 |
* Revision 1.129 2004/09/17 09:48:53 nigelhorne |
| 21 | 24 |
* Handle attempts to hide mime type |
| 22 | 25 |
* |
| ... | ... |
@@ -375,7 +378,7 @@ |
| 375 | 375 |
* Compilable under SCO; removed duplicate code with message.c |
| 376 | 376 |
* |
| 377 | 377 |
*/ |
| 378 |
-static char const rcsid[] = "$Id: mbox.c,v 1.129 2004/09/17 09:48:53 nigelhorne Exp $"; |
|
| 378 |
+static char const rcsid[] = "$Id: mbox.c,v 1.130 2004/09/17 10:56:29 nigelhorne Exp $"; |
|
| 379 | 379 |
|
| 380 | 380 |
#if HAVE_CONFIG_H |
| 381 | 381 |
#include "clamav-config.h" |
| ... | ... |
@@ -2123,6 +2126,9 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
| 2123 | 2123 |
*/ |
| 2124 | 2124 |
cli_dbgmsg("Invalid content-type '%s' received, no subtype specified, assuming text/plain; charset=us-ascii\n", copy);
|
| 2125 | 2125 |
else {
|
| 2126 |
+ char *mimeArgs; /* RHS of the ; */ |
|
| 2127 |
+ |
|
| 2128 |
+ mimeArgs = cli_strtok(copy, 1, ";"); |
|
| 2126 | 2129 |
/* |
| 2127 | 2130 |
* Some clients are broken and |
| 2128 | 2131 |
* put white space after the ; |
| ... | ... |
@@ -2131,11 +2137,12 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
| 2131 | 2131 |
cli_warnmsg("Content-type '/' received, assuming application/octet-stream\n");
|
| 2132 | 2132 |
messageSetMimeType(m, "application"); |
| 2133 | 2133 |
messageSetMimeSubtype(m, "octet-stream"); |
| 2134 |
- strtok_r(copy, ";", &strptr); |
|
| 2135 | 2134 |
} else {
|
| 2136 | 2135 |
char *s; |
| 2136 |
+ char *mimeType; /* LHS of the ; */ |
|
| 2137 | 2137 |
size_t len; |
| 2138 | 2138 |
|
| 2139 |
+ s = mimeType = cli_strtok(copy, 0, ";"); |
|
| 2139 | 2140 |
/* |
| 2140 | 2141 |
* The content type could be in quotes: |
| 2141 | 2142 |
* Content-Type: "multipart/mixed" |
| ... | ... |
@@ -2143,31 +2150,53 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
| 2143 | 2143 |
* the quotes, it doesn't handle |
| 2144 | 2144 |
* them properly |
| 2145 | 2145 |
*/ |
| 2146 |
- while(isspace(*copy)) |
|
| 2147 |
- copy++; |
|
| 2148 |
- if(copy[0] == '\"') |
|
| 2149 |
- copy++; |
|
| 2150 |
- if(copy[0] != '/') {
|
|
| 2151 |
- int set = messageSetMimeType(m, strtok_r(copy, "/", &strptr)); |
|
| 2146 |
+ while(isspace(*s)) |
|
| 2147 |
+ s++; |
|
| 2148 |
+ if(s[0] == '\"') |
|
| 2149 |
+ s++; |
|
| 2152 | 2150 |
|
| 2151 |
+ if(s[0] != '/') |
|
| 2153 | 2152 |
/* |
| 2154 |
- * Stephen White <stephen@earth.li> |
|
| 2155 |
- * Some clients put space after |
|
| 2156 |
- * the mime type but before |
|
| 2157 |
- * the ; |
|
| 2153 |
+ * Handle |
|
| 2154 |
+ * Content-Type: foo/bar multipart/mixed |
|
| 2155 |
+ * and |
|
| 2156 |
+ * Content-Type: multipart/mixed foo/bar |
|
| 2158 | 2157 |
*/ |
| 2159 |
- s = strtok_r(NULL, ";", &strptr); |
|
| 2160 |
- if(s && set) {
|
|
| 2161 |
- len = strstrip(s) - 1; |
|
| 2162 |
- if(s[len] == '\"') {
|
|
| 2163 |
- s[len] = '\0'; |
|
| 2164 |
- len = strstrip(s); |
|
| 2158 |
+ for(;;) {
|
|
| 2159 |
+ int set = messageSetMimeType(m, strtok_r(s, "/", &strptr)); |
|
| 2160 |
+ |
|
| 2161 |
+ |
|
| 2162 |
+ /* |
|
| 2163 |
+ * Stephen White <stephen@earth.li> |
|
| 2164 |
+ * Some clients put space after |
|
| 2165 |
+ * the mime type but before |
|
| 2166 |
+ * the ; |
|
| 2167 |
+ */ |
|
| 2168 |
+ s = strtok_r(NULL, ";", &strptr); |
|
| 2169 |
+ if(s == NULL) |
|
| 2170 |
+ break; |
|
| 2171 |
+ if(set) {
|
|
| 2172 |
+ len = strstrip(s) - 1; |
|
| 2173 |
+ if(s[len] == '\"') {
|
|
| 2174 |
+ s[len] = '\0'; |
|
| 2175 |
+ len = strstrip(s); |
|
| 2176 |
+ } |
|
| 2177 |
+ if(len) {
|
|
| 2178 |
+ char *t = cli_strtok(s, 0, " "); |
|
| 2179 |
+ |
|
| 2180 |
+ messageSetMimeSubtype(m, t); |
|
| 2181 |
+ free(t); |
|
| 2182 |
+ } |
|
| 2165 | 2183 |
} |
| 2166 |
- if(len) |
|
| 2167 |
- messageSetMimeSubtype(m, s); |
|
| 2184 |
+ |
|
| 2185 |
+ while(*s && !isspace(*s)) |
|
| 2186 |
+ s++; |
|
| 2187 |
+ if(*s++ == '\0') |
|
| 2188 |
+ break; |
|
| 2189 |
+ if(*s == '\0') |
|
| 2190 |
+ break; |
|
| 2168 | 2191 |
} |
| 2169 |
- } else |
|
| 2170 |
- (void)strtok_r(copy, ";", &strptr); |
|
| 2192 |
+ free(mimeType); |
|
| 2171 | 2193 |
} |
| 2172 | 2194 |
|
| 2173 | 2195 |
/* |
| ... | ... |
@@ -2176,9 +2205,10 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c |
| 2176 | 2176 |
* Content-Type:', arg='multipart/mixed; boundary=foo |
| 2177 | 2177 |
* we find the boundary argument set it |
| 2178 | 2178 |
*/ |
| 2179 |
- copy = strtok_r(NULL, "", &strptr); |
|
| 2180 |
- if(copy) |
|
| 2181 |
- messageAddArguments(m, copy); |
|
| 2179 |
+ if(mimeArgs) {
|
|
| 2180 |
+ messageAddArguments(m, mimeArgs); |
|
| 2181 |
+ free(mimeArgs); |
|
| 2182 |
+ } |
|
| 2182 | 2183 |
} |
| 2183 | 2184 |
break; |
| 2184 | 2185 |
case CONTENT_TRANSFER_ENCODING: |