git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@174 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/01/09 19:22:28... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Fri Jan 9 10:21:27 GMT 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav: Locate uuencoded viruses hidden in text poritions of |
|
4 |
+ multipart/mixed mime messages |
|
5 |
+ |
|
1 | 6 |
Fri Jan 9 02:07:53 CET 2004 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* freshclam: restored old command line options (except for proxy settings) - |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: mbox.c,v $ |
20 |
+ * Revision 1.26 2004/01/09 10:20:54 nigelhorne |
|
21 |
+ * Locate uuencoded viruses hidden in text poritions of multipart/mixed mime messages |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.25 2004/01/06 14:41:18 nigelhorne |
21 | 24 |
* Handle headers which do not not have a space after the ':' |
22 | 25 |
* |
... | ... |
@@ -66,7 +69,7 @@ |
66 | 66 |
* Compilable under SCO; removed duplicate code with message.c |
67 | 67 |
* |
68 | 68 |
*/ |
69 |
-static char const rcsid[] = "$Id: mbox.c,v 1.25 2004/01/06 14:41:18 nigelhorne Exp $"; |
|
69 |
+static char const rcsid[] = "$Id: mbox.c,v 1.26 2004/01/09 10:20:54 nigelhorne Exp $"; |
|
70 | 70 |
|
71 | 71 |
#ifndef CL_DEBUG |
72 | 72 |
/*#define NDEBUG /* map CLAMAV debug onto standard */ |
... | ... |
@@ -130,7 +133,7 @@ static bool continuationMarker(const char *line); |
130 | 130 |
static int parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const char *arg); |
131 | 131 |
static bool saveFile(const blob *b, const char *dir); |
132 | 132 |
|
133 |
-/* Maximum number of attachements that we accept */ |
|
133 |
+/* Maximum number of attachments that we accept */ |
|
134 | 134 |
#define MAX_ATTACHMENTS 10 |
135 | 135 |
|
136 | 136 |
/* Maximum line length according to RFC821 */ |
... | ... |
@@ -437,8 +440,8 @@ parseEmailHeaders(const message *m, const table_t *rfc821Table) |
437 | 437 |
* |
438 | 438 |
* Returns: |
439 | 439 |
* 0 for fail |
440 |
- * 1 for success, attachements saved |
|
441 |
- * 2 for success, attachements not saved |
|
440 |
+ * 1 for success, attachments saved |
|
441 |
+ * 2 for success, attachments not saved |
|
442 | 442 |
*/ |
443 | 443 |
static int /* success or fail */ |
444 | 444 |
parseEmailBody(message *mainMessage, blob **blobsIn, int nBlobs, text *textIn, const char *dir, table_t *rfc821Table, table_t *subtypeTable) |
... | ... |
@@ -841,21 +844,30 @@ parseEmailBody(message *mainMessage, blob **blobsIn, int nBlobs, text *textIn, c |
841 | 841 |
assert(messageGetBody(aMessage) != NULL); |
842 | 842 |
break; |
843 | 843 |
case TEXT: |
844 |
+ cli_dbgmsg("Mixed message text part disposition \"%s\"\n", |
|
845 |
+ dtype); |
|
844 | 846 |
if(strcasecmp(dtype, "attachment") == 0) |
845 | 847 |
addAttachment = TRUE; |
846 | 848 |
else if((*dtype == '\0') || (strcasecmp(dtype, "inline") == 0)) { |
849 |
+ const text *t_line = uuencodeBegin(aMessage); |
|
850 |
+ |
|
847 | 851 |
mainMessage = NULL; |
848 |
- /* |
|
849 |
- * Strictly speaking |
|
850 |
- * a text/html part is |
|
851 |
- * not an attachment. We |
|
852 |
- * pretend it is so that |
|
853 |
- * we can decode and |
|
854 |
- * scan it |
|
855 |
- */ |
|
856 |
- if(strcasecmp(messageGetMimeSubtype(aMessage), "plain") == 0) |
|
852 |
+ if(t_line) { |
|
853 |
+ cli_dbgmsg("Found uuencoded message in multipart/mixed text portion\n"); |
|
854 |
+ messageSetEncoding(aMessage, "x-uuencode"); |
|
855 |
+ addAttachment = TRUE; |
|
856 |
+ } else if(strcasecmp(messageGetMimeSubtype(aMessage), "plain") == 0) { |
|
857 |
+ /* |
|
858 |
+ * Strictly speaking |
|
859 |
+ * a text/html part is |
|
860 |
+ * not an attachment. We |
|
861 |
+ * pretend it is so that |
|
862 |
+ * we can decode and |
|
863 |
+ * scan it |
|
864 |
+ */ |
|
865 |
+ cli_dbgmsg("Adding part to main message\n"); |
|
857 | 866 |
addToText = TRUE; |
858 |
- else { |
|
867 |
+ } else { |
|
859 | 868 |
messageAddArgument(aMessage, "filename=textportion"); |
860 | 869 |
addAttachment = TRUE; |
861 | 870 |
} |
... | ... |
@@ -1143,7 +1155,7 @@ parseEmailBody(message *mainMessage, blob **blobsIn, int nBlobs, text *textIn, c |
1143 | 1143 |
/* |
1144 | 1144 |
* Main part contains uuencoded section |
1145 | 1145 |
*/ |
1146 |
- messageSetEncoding(mainMessage, "x-uuencode"); |
|
1146 |
+ messageSetEncoding(mainMessage, "x-uuencode"); |
|
1147 | 1147 |
|
1148 | 1148 |
if((b = messageToBlob(mainMessage)) != NULL) { |
1149 | 1149 |
if((cptr = blobGetFilename(b)) != NULL) { |