If a quoted mime argument is unterminated, use all remaining line characters.
Patrick Monnerat authored on 2018/10/11 00:49:43... | ... |
@@ -538,10 +538,10 @@ messageAddArguments(message *m, const char *s) |
538 | 538 |
while(isspace(*string) && (*string != '\0')) |
539 | 539 |
string++; |
540 | 540 |
|
541 |
- cptr = string++; |
|
541 |
+ cptr = string; |
|
542 | 542 |
|
543 |
- if(strlen(key) == 0) |
|
544 |
- continue; |
|
543 |
+ if (*string) |
|
544 |
+ string++; |
|
545 | 545 |
|
546 | 546 |
if(*cptr == '"') { |
547 | 547 |
char *ptr, *kcopy; |
... | ... |
@@ -582,7 +582,14 @@ messageAddArguments(message *m, const char *s) |
582 | 582 |
|
583 | 583 |
data = cli_strdup(cptr); |
584 | 584 |
|
585 |
- ptr = (data) ? strchr(data, '"') : NULL; |
|
585 |
+ if (!data) { |
|
586 |
+ cli_dbgmsg("Can't parse header \"%s\" - if you believe this file contains a missed virus, report it to bugs@clamav.net\n", s); |
|
587 |
+ free((char *)key); |
|
588 |
+ return; |
|
589 |
+ } |
|
590 |
+ |
|
591 |
+ ptr = strchr(data, '"'); |
|
592 |
+ |
|
586 | 593 |
if(ptr == NULL) { |
587 | 594 |
/* |
588 | 595 |
* Weird e-mail header such as: |
... | ... |
@@ -592,17 +599,11 @@ messageAddArguments(message *m, const char *s) |
592 | 592 |
* Content-Disposition: attachment; filename=" |
593 | 593 |
* " |
594 | 594 |
* |
595 |
- * TODO: the file should still be saved and |
|
596 |
- * virus checked |
|
595 |
+ * Use the end of line as data. |
|
597 | 596 |
*/ |
598 |
- cli_dbgmsg("Can't parse header \"%s\" - if you believe this file contains a virus, submit it to www.clamav.net\n", s); |
|
599 |
- if(data) |
|
600 |
- free(data); |
|
601 |
- free(kcopy); |
|
602 |
- return; |
|
603 |
- } |
|
604 |
- |
|
605 |
- *ptr = '\0'; |
|
597 |
+ } |
|
598 |
+ else |
|
599 |
+ *ptr = '\0'; |
|
606 | 600 |
|
607 | 601 |
datasz = strlen(kcopy) + strlen(data) + 2; |
608 | 602 |
field = cli_realloc(kcopy, strlen(kcopy) + strlen(data) + 2); |