GitList

Browse code

fix URL parsing, since we now parse the full URL

git-svn: trunk@4248

Török Edvin authored on 2008/10/11 19:27:34
Showing 4 changed files

ChangeLog index 86f283d..4de6e6f 100644
libclamav/phishcheck.c index 6c6c39e..ab68935 100644
unit_tests/check_clamscan.sh index 50ca9f7..68b17df 100755
unit_tests/input/phish-test-ssl index 2266c75..350da79 100644

@@ -1,3 +1,9 @@
                     +Sat Oct 11 13:17:29 EEST 2008 (edwin)
                     +-------------------------------------
                     + * libclamav/phishcheck.c, unit_tests/check_clamscan.sh,
                     + unit_tests/input/phish-test-ssl: fix URL parsing, since we now parse
                     + the full URL
+                    +
                      Sat Oct 11 11:16:02 EEST 2008 (edwin)
                      -------------------------------------
                       * Makefile.am, Makefile.in, libclamav/jsparse/js-norm.c,

libclamav/phishcheck.c

History View file @ d6d8d45

@@ -997,7 +997,7 @@ static inline int validate_uri_ialpha(const char *start, const char *end)
                      static int isURL(const struct phishcheck* pchk,const char* URL, int accept_anyproto)
+                     {
                      	size_t len;
                     -	const char *start = NULL, *p, *q;
                     +	const char *start = NULL, *p, *q, *end;
                      	if(!URL)
                      		return 0;
@@ -1038,8 +1038,13 @@ static int isURL(const struct phishcheck* pchk,const char* URL, int accept_anypr
                      	} else
                      		start = URL;
                      	p = start;
                     +	end = strchr(p, '/');
                     +	if (!end)
                     +		end = p + strlen(p);
                      	do {
                      		q = strchr(p, '.');
                     +		if (q > end)
                     +			break;
                      		if(q) {
                      			if(!validate_uri_xpalphas_nodot(p, q))
                      				return 0;
@@ -1048,9 +1053,10 @@ static int isURL(const struct phishcheck* pchk,const char* URL, int accept_anypr
                      	} while(q);
                      	if (p == start) /* must have at least one dot in the URL */
                      		return 0;
                     -	len = strlen(p);
                     -	while (len > 1 && p[len-1] == ' ') len--;
                     -	return !!in_tld_set(p, len);
                     +	if (end < p)
                     +		end = p;
                     +	while (*end == ' ' && end > p) --end;
                     +	return !!in_tld_set(p, end - p);
+                     }
                      /*

unit_tests/check_clamscan.sh

History View file @ d6d8d45

@@ -58,7 +58,9 @@ if test $val != 1; then
                      	echo "Error running clamscan: $val" >&2;
                      	die 3;
                      fi
                     -if grep "phish-test-ssl: Phishing.Heuristics.SSL-Spoof FOUND" clamscan2.log && grep "phish-test-cloak: Phishing.Heuristics.Cloaked-Null FOUND" clamscan2.log; then
                     -	echo "FOUND"
                     +grep "phish-test-ssl: Phishing.Heuristics.Email.SSL-Spoof FOUND" clamscan2.log >/dev/null && grep "phish-test-cloak: Phishing.Heuristics.Email.Cloaked.Null FOUND" clamscan2.log >/dev/null
                     +if test $? -ne 0; then
                     +	echo "Error on ssl/cloak phishing test" >&2;
                     +	die 4;
                      fi
                      die 0;

unit_tests/input/phish-test-ssl

History View file @ d6d8d45

@@ -2,4 +2,4 @@ From test@example.com
                      From: test@example.com
                      To: test@example.com
                     -<a href='http://ssl-example.com'>https://ssl-example.com</a>
                     +<a href='ssl-example.com/something.not'>https://ssl-example.com</a>