git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@2452 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2006/10/29 22:54:06... | ... |
@@ -16,7 +16,7 @@ |
16 | 16 |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
17 | 17 |
* MA 02110-1301, USA. |
18 | 18 |
*/ |
19 |
-static char const rcsid[] = "$Id: mbox.c,v 1.356 2006/10/16 00:33:34 tkojm Exp $"; |
|
19 |
+static char const rcsid[] = "$Id: mbox.c,v 1.357 2006/10/29 13:54:06 njh Exp $"; |
|
20 | 20 |
|
21 | 21 |
#ifdef _MSC_VER |
22 | 22 |
#include <winsock.h> /* only needed in CL_EXPERIMENTAL */ |
... | ... |
@@ -269,7 +269,7 @@ static int cli_parse_mbox(const char *dir, int desc, cli_ctx *ctx); |
269 | 269 |
static message *parseEmailFile(FILE *fin, const table_t *rfc821Table, const char *firstLine, const char *dir); |
270 | 270 |
static message *parseEmailHeaders(message *m, const table_t *rfc821Table); |
271 | 271 |
static int parseEmailHeader(message *m, const char *line, const table_t *rfc821Table); |
272 |
-static int parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx); |
|
272 |
+static int parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int recursion_level); |
|
273 | 273 |
static int boundaryStart(const char *line, const char *boundary); |
274 | 274 |
static int endOfMessage(const char *line, const char *boundary); |
275 | 275 |
static int initialiseTables(table_t **rfc821Table, table_t **subtypeTable); |
... | ... |
@@ -287,7 +287,7 @@ static char *getline_from_mbox(char *buffer, size_t len, FILE *fin); |
287 | 287 |
static bool isBounceStart(const char *line); |
288 | 288 |
static bool exportBinhexMessage(const char *dir, message *m); |
289 | 289 |
static int exportBounceMessage(text *start, const mbox_ctx *ctx); |
290 |
-static message *do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx *mctx, message *messageIn, text **tptr); |
|
290 |
+static message *do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx *mctx, message *messageIn, text **tptr, unsigned int recursion_level); |
|
291 | 291 |
static int count_quotes(const char *buf); |
292 | 292 |
static bool next_is_folded_header(const text *t); |
293 | 293 |
|
... | ... |
@@ -1404,7 +1404,7 @@ cli_parse_mbox(const char *dir, int desc, cli_ctx *ctx) |
1404 | 1404 |
messageSetCTX(body, ctx); |
1405 | 1405 |
messageDestroy(m); |
1406 | 1406 |
if(messageGetBody(body)) { |
1407 |
- int rc = parseEmailBody(body, NULL, &mctx); |
|
1407 |
+ int rc = parseEmailBody(body, NULL, &mctx, 0); |
|
1408 | 1408 |
if(rc == 0) { |
1409 | 1409 |
messageReset(body); |
1410 | 1410 |
m = body; |
... | ... |
@@ -1485,7 +1485,7 @@ cli_parse_mbox(const char *dir, int desc, cli_ctx *ctx) |
1485 | 1485 |
*/ |
1486 | 1486 |
if((retcode == CL_SUCCESS) && messageGetBody(body)) { |
1487 | 1487 |
messageSetCTX(body, ctx); |
1488 |
- switch(parseEmailBody(body, NULL, &mctx)) { |
|
1488 |
+ switch(parseEmailBody(body, NULL, &mctx, 0)) { |
|
1489 | 1489 |
case 0: |
1490 | 1490 |
retcode = CL_EFORMAT; |
1491 | 1491 |
break; |
... | ... |
@@ -2019,7 +2019,7 @@ parseEmailHeader(message *m, const char *line, const table_t *rfc821) |
2019 | 2019 |
* 3 for virus found |
2020 | 2020 |
*/ |
2021 | 2021 |
static int /* success or fail */ |
2022 |
-parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
|
2022 |
+parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int recursion_level) |
|
2023 | 2023 |
{ |
2024 | 2024 |
int rc = 1; |
2025 | 2025 |
text *aText = textIn; |
... | ... |
@@ -2032,6 +2032,19 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
2032 | 2032 |
|
2033 | 2033 |
cli_dbgmsg("in parseEmailBody\n"); |
2034 | 2034 |
|
2035 |
+ /* |
|
2036 |
+ * FIXME: Using ArchiveMaxRecursion is not good since that is |
|
2037 |
+ * typically rather low (default = 8) and it would be better for |
|
2038 |
+ * this code to use a higher limit. Needs support in the cl_limits |
|
2039 |
+ * structure |
|
2040 |
+ */ |
|
2041 |
+ if(mctx->ctx->limits->maxreclevel) |
|
2042 |
+ if(recursion_level >= mctx->ctx->limits->maxreclevel) { |
|
2043 |
+ cli_warnmsg("parseEmailBody: hit maximum recursion level (%u)\n", |
|
2044 |
+ mctx->ctx->limits->maxreclevel); |
|
2045 |
+ return 2; |
|
2046 |
+ } |
|
2047 |
+ |
|
2035 | 2048 |
/* Anything left to be parsed? */ |
2036 | 2049 |
if(mainMessage && (messageGetBody(mainMessage) != NULL)) { |
2037 | 2050 |
mime_type mimeType; |
... | ... |
@@ -2479,7 +2492,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
2479 | 2479 |
mainMessage = do_multipart(mainMessage, |
2480 | 2480 |
messages, multiparts, |
2481 | 2481 |
&rc, mctx, messageIn, |
2482 |
- &aText); |
|
2482 |
+ &aText, recursion_level + 1); |
|
2483 | 2483 |
--multiparts; |
2484 | 2484 |
if(rc == 3) |
2485 | 2485 |
infected = TRUE; |
... | ... |
@@ -2575,7 +2588,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
2575 | 2575 |
if(htmltextPart == -1) |
2576 | 2576 |
cli_dbgmsg("No HTML code found to be scanned\n"); |
2577 | 2577 |
else { |
2578 |
- rc = parseEmailBody(aMessage, aText, mctx); |
|
2578 |
+ rc = parseEmailBody(aMessage, aText, mctx, recursion_level + 1); |
|
2579 | 2579 |
if(rc == 1) { |
2580 | 2580 |
assert(aMessage == messages[htmltextPart]); |
2581 | 2581 |
messageDestroy(aMessage); |
... | ... |
@@ -2656,14 +2669,14 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
2656 | 2656 |
for(i = 0; i < multiparts; i++) { |
2657 | 2657 |
mainMessage = do_multipart(mainMessage, |
2658 | 2658 |
messages, i, &rc, mctx, |
2659 |
- messageIn, &aText); |
|
2659 |
+ messageIn, &aText, recursion_level + 1); |
|
2660 | 2660 |
if(rc == 3) { |
2661 | 2661 |
infected = TRUE; |
2662 | 2662 |
break; |
2663 | 2663 |
} |
2664 | 2664 |
} |
2665 | 2665 |
|
2666 |
- /* rc = parseEmailBody(NULL, NULL, mctx); */ |
|
2666 |
+ /* rc = parseEmailBody(NULL, NULL, mctx, recursion_level + 1); */ |
|
2667 | 2667 |
break; |
2668 | 2668 |
case SIGNED: |
2669 | 2669 |
case PARALLEL: |
... | ... |
@@ -2679,7 +2692,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
2679 | 2679 |
if(htmltextPart == -1) |
2680 | 2680 |
htmltextPart = 0; |
2681 | 2681 |
|
2682 |
- rc = parseEmailBody(messages[htmltextPart], aText, mctx); |
|
2682 |
+ rc = parseEmailBody(messages[htmltextPart], aText, mctx, recursion_level + 1); |
|
2683 | 2683 |
break; |
2684 | 2684 |
case ENCRYPTED: |
2685 | 2685 |
rc = 0; |
... | ... |
@@ -2753,7 +2766,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx) |
2753 | 2753 |
} else |
2754 | 2754 |
messageReset(mainMessage); |
2755 | 2755 |
if(messageGetBody(m)) |
2756 |
- rc = parseEmailBody(m, NULL, mctx); |
|
2756 |
+ rc = parseEmailBody(m, NULL, mctx, recursion_level + 1); |
|
2757 | 2757 |
|
2758 | 2758 |
messageDestroy(m); |
2759 | 2759 |
} |
... | ... |
@@ -5138,7 +5151,7 @@ exportBounceMessage(text *start, const mbox_ctx *mctx) |
5138 | 5138 |
* Handle the ith element of a number of multiparts, e.g. multipart/alternative |
5139 | 5139 |
*/ |
5140 | 5140 |
static message * |
5141 |
-do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx *mctx, message *messageIn, text **tptr) |
|
5141 |
+do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx *mctx, message *messageIn, text **tptr, unsigned int recursion_level) |
|
5142 | 5142 |
{ |
5143 | 5143 |
bool addToText = FALSE; |
5144 | 5144 |
const char *dtype; |
... | ... |
@@ -5303,7 +5316,7 @@ do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx |
5303 | 5303 |
messages[i] = NULL; |
5304 | 5304 |
if(body) { |
5305 | 5305 |
messageSetCTX(body, ctx); |
5306 |
- rc = parseEmailBody(body, NULL, mctx); |
|
5306 |
+ rc = parseEmailBody(body, NULL, mctx, recursion_level + 1); |
|
5307 | 5307 |
if(messageContainsVirus(body)) |
5308 | 5308 |
*rc = 3; |
5309 | 5309 |
messageDestroy(body); |
... | ... |
@@ -5322,13 +5335,13 @@ do_multipart(message *mainMessage, message **messages, int i, int *rc, mbox_ctx |
5322 | 5322 |
* The headers were parsed when reading in the |
5323 | 5323 |
* whole multipart section |
5324 | 5324 |
*/ |
5325 |
- *rc = parseEmailBody(aMessage, *tptr, mctx); |
|
5325 |
+ *rc = parseEmailBody(aMessage, *tptr, mctx, recursion_level + 1); |
|
5326 | 5326 |
cli_dbgmsg("Finished recursion\n"); |
5327 | 5327 |
assert(aMessage == messages[i]); |
5328 | 5328 |
messageDestroy(messages[i]); |
5329 | 5329 |
messages[i] = NULL; |
5330 | 5330 |
} else { |
5331 |
- *rc = parseEmailBody(NULL, NULL, mctx); |
|
5331 |
+ *rc = parseEmailBody(NULL, NULL, mctx, recursion_level + 1); |
|
5332 | 5332 |
if(mainMessage && (mainMessage != messageIn)) |
5333 | 5333 |
messageDestroy(mainMessage); |
5334 | 5334 |
mainMessage = NULL; |