git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@735 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/08/09 17:28:10... | ... |
@@ -1,10 +1,15 @@ |
1 |
+Mon Aug 9 09:27:02 BST 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/mbox.c: checkURLs code (not enabled by default) is now thread |
|
4 |
+ safe |
|
5 |
+ |
|
1 | 6 |
Mon Aug 9 02:32:49 CEST 2004 (tk) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libclamav: matcher-bm: fix another bug in node sorting (spotted by Nigel) |
4 | 9 |
|
5 | 10 |
Sun Aug 8 22:31:12 BST 2004 (njh) |
6 | 11 |
---------------------------------- |
7 |
- * libclamav/mbox: Started code (not yet enabled by default) to scan URLs |
|
12 |
+ * libclamav/mbox.c: Started code (not yet enabled by default) to scan URLs |
|
8 | 13 |
embedded in emails for viruses. |
9 | 14 |
|
10 | 15 |
Sun Aug 8 20:14:04 BST 2004 (njh) |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: mbox.c,v $ |
20 |
+ * Revision 1.94 2004/08/09 08:26:36 nigelhorne |
|
21 |
+ * Thread safe checkURL |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.93 2004/08/08 21:30:47 nigelhorne |
21 | 24 |
* First draft of CheckURL |
22 | 25 |
* |
... | ... |
@@ -267,7 +270,7 @@ |
267 | 267 |
* Compilable under SCO; removed duplicate code with message.c |
268 | 268 |
* |
269 | 269 |
*/ |
270 |
-static char const rcsid[] = "$Id: mbox.c,v 1.93 2004/08/08 21:30:47 nigelhorne Exp $"; |
|
270 |
+static char const rcsid[] = "$Id: mbox.c,v 1.94 2004/08/09 08:26:36 nigelhorne Exp $"; |
|
271 | 271 |
|
272 | 272 |
#if HAVE_CONFIG_H |
273 | 273 |
#include "clamav-config.h" |
... | ... |
@@ -433,6 +436,7 @@ static table_t *rfc821Table, *subtypeTable; |
433 | 433 |
#endif |
434 | 434 |
|
435 | 435 |
#define SAVE_TO_DISC /* multipart/message are saved in a temporary file */ |
436 |
+/*#define CHECKURLS /* If an email contains URLs, check them */ |
|
436 | 437 |
|
437 | 438 |
/* |
438 | 439 |
* TODO: when signal handling is added, need to remove temp files when a |
... | ... |
@@ -2197,7 +2201,7 @@ saveFile(const blob *b, const char *dir) |
2197 | 2197 |
return (close(fd) >= 0); |
2198 | 2198 |
} |
2199 | 2199 |
|
2200 |
-#if 0 |
|
2200 |
+#ifdef CHECKURLS |
|
2201 | 2201 |
static void |
2202 | 2202 |
checkURLs(message *m, const char *dir) |
2203 | 2203 |
{ |
... | ... |
@@ -2211,13 +2215,21 @@ checkURLs(message *m, const char *dir) |
2211 | 2211 |
ptr = blobGetData(b); |
2212 | 2212 |
len = blobGetDataSize(b); |
2213 | 2213 |
|
2214 |
+ /* |
|
2215 |
+ * cli_memstr(ptr, len, "<a href=", 8) |
|
2216 |
+ * Don't use cli_memstr() until bounds problem sorted and it becomes |
|
2217 |
+ * case independant |
|
2218 |
+ */ |
|
2214 | 2219 |
while(len >= 8) { |
2215 | 2220 |
/* FIXME: allow any number of white space */ |
2216 | 2221 |
if(strncasecmp(ptr, "<a href=", 8) == 0) { |
2222 |
+#ifdef CL_THREAD_SAFE |
|
2223 |
+ static pthread_mutex_t system_mutex = PTHREAD_MUTEX_INITIALIZER; |
|
2224 |
+#endif |
|
2217 | 2225 |
char *p2 = &ptr[8]; |
2218 | 2226 |
char *p3; |
2219 |
- char cmd[512]; |
|
2220 |
- char name[512]; |
|
2227 |
+ char cmd[512], name[512]; |
|
2228 |
+ struct stat statb; |
|
2221 | 2229 |
|
2222 | 2230 |
len -= 8; |
2223 | 2231 |
while((len > 0) && ((*p2 == '\"') || isspace(*p2))) { |
... | ... |
@@ -2234,7 +2246,9 @@ checkURLs(message *m, const char *dir) |
2234 | 2234 |
if(len == 0) |
2235 | 2235 |
break; |
2236 | 2236 |
*ptr = '\0'; |
2237 |
- cli_dbgmsg("Downloading URL %s to be scanned", p2); |
|
2237 |
+ if(strncasecmp(p2, "mailto:", 7) == 0) |
|
2238 |
+ continue; |
|
2239 |
+ cli_dbgmsg("Downloading URL %s to be scanned\n", p2); |
|
2238 | 2240 |
strncpy(name, p2, sizeof(name)); |
2239 | 2241 |
for(p3 = name; *p3; p3++) |
2240 | 2242 |
if(*p3 == '/') |
... | ... |
@@ -2242,11 +2256,25 @@ checkURLs(message *m, const char *dir) |
2242 | 2242 |
|
2243 | 2243 |
snprintf(cmd, sizeof(cmd), "GET %s > %s/%s", p2, dir, name); |
2244 | 2244 |
cli_dbgmsg("%s\n", cmd); |
2245 |
+#ifdef CL_THREAD_SAFE |
|
2246 |
+ pthread_mutex_lock(&system_mutex); |
|
2247 |
+#endif |
|
2245 | 2248 |
system(cmd); |
2246 |
- } else { |
|
2247 |
- ptr++; |
|
2248 |
- len--; |
|
2249 |
+#ifdef CL_THREAD_SAFE |
|
2250 |
+ pthread_mutex_unlock(&system_mutex); |
|
2251 |
+#endif |
|
2252 |
+ snprintf(cmd, sizeof(cmd), "%s/%s", dir, name); |
|
2253 |
+ if(stat(cmd, &statb) >= 0) |
|
2254 |
+ if(statb.st_size == 0) { |
|
2255 |
+ cli_warnmsg("URL %s failed to download\n", p2); |
|
2256 |
+ /* |
|
2257 |
+ * Don't bother scanning an empty file |
|
2258 |
+ */ |
|
2259 |
+ (void)unlink(cmd); |
|
2260 |
+ } |
|
2249 | 2261 |
} |
2262 |
+ ptr++; |
|
2263 |
+ len--; |
|
2250 | 2264 |
} |
2251 | 2265 |
blobDestroy(b); |
2252 | 2266 |
} |
... | ... |
@@ -2259,7 +2287,7 @@ checkURLs(message *m, const char *dir) |
2259 | 2259 |
|
2260 | 2260 |
|
2261 | 2261 |
#ifdef HAVE_BACKTRACE |
2262 |
-static void |
|
2262 |
+ static void |
|
2263 | 2263 |
sigsegv(int sig) |
2264 | 2264 |
{ |
2265 | 2265 |
signal(SIGSEGV, SIG_DFL); |
... | ... |
@@ -2267,7 +2295,7 @@ sigsegv(int sig) |
2267 | 2267 |
exit(SIGSEGV); |
2268 | 2268 |
} |
2269 | 2269 |
|
2270 |
-static void |
|
2270 |
+ static void |
|
2271 | 2271 |
print_trace(int use_syslog) |
2272 | 2272 |
{ |
2273 | 2273 |
void *array[10]; |