Browse code
Fix segfault in invalid fast track uuencoded files
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Tue May 31 19:15:01 BST 2005 (njh) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav/mbox.c: Fix mishandling of fast track uuencoded files |
|
| 4 |
+ |
|
| 1 | 5 |
Fri May 27 15:55:00 BST 2005 (njh) |
| 2 | 6 |
---------------------------------- |
| 3 | 7 |
* clamav-milter: When loading a new database when not in external mode, |
| ... | ... |
@@ -15,7 +15,7 @@ |
| 15 | 15 |
* along with this program; if not, write to the Free Software |
| 16 | 16 |
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 17 | 17 |
*/ |
| 18 |
-static char const rcsid[] = "$Id: mbox.c,v 1.245 2005/05/13 19:43:37 nigelhorne Exp $"; |
|
| 18 |
+static char const rcsid[] = "$Id: mbox.c,v 1.246 2005/05/31 18:13:48 nigelhorne Exp $"; |
|
| 19 | 19 |
|
| 20 | 20 |
#if HAVE_CONFIG_H |
| 21 | 21 |
#include "clamav-config.h" |
| ... | ... |
@@ -187,7 +187,7 @@ static char *rfc822comments(const char *in, char *out); |
| 187 | 187 |
static int rfc1341(message *m, const char *dir); |
| 188 | 188 |
#endif |
| 189 | 189 |
static bool usefulHeader(int commandNumber, const char *cmd); |
| 190 |
-static void uufasttrack(message *m, const char *firstline, const char *dir, FILE *fin); |
|
| 190 |
+static int uufasttrack(message *m, const char *firstline, const char *dir, FILE *fin); |
|
| 191 | 191 |
static char *getline(char *buffer, size_t len, FILE *fin); |
| 192 | 192 |
|
| 193 | 193 |
static void checkURLs(message *m, const char *dir); |
| ... | ... |
@@ -882,13 +882,15 @@ cli_parse_mbox(const char *dir, int desc, unsigned int options) |
| 882 | 882 |
} else |
| 883 | 883 |
lastLineWasEmpty = (bool)(buffer[0] == '\0'); |
| 884 | 884 |
|
| 885 |
- if(isuuencodebegin(buffer)) |
|
| 885 |
+ if(isuuencodebegin(buffer)) {
|
|
| 886 | 886 |
/* |
| 887 | 887 |
* Fast track visa to uudecode. |
| 888 | 888 |
* TODO: binhex, yenc |
| 889 | 889 |
*/ |
| 890 |
- uufasttrack(m, buffer, dir, fd); |
|
| 891 |
- else |
|
| 890 |
+ if(uufasttrack(m, buffer, dir, fd) < 0) |
|
| 891 |
+ if(messageAddStr(m, buffer) < 0) |
|
| 892 |
+ break; |
|
| 893 |
+ } else |
|
| 892 | 894 |
if(messageAddStr(m, buffer) < 0) |
| 893 | 895 |
break; |
| 894 | 896 |
} while(fgets(buffer, sizeof(buffer) - 1, fd) != NULL); |
| ... | ... |
@@ -1155,13 +1157,15 @@ parseEmailFile(FILE *fin, const table_t *rfc821, const char *firstLine, const ch |
| 1155 | 1155 |
free(fullline); |
| 1156 | 1156 |
fullline = NULL; |
| 1157 | 1157 |
} |
| 1158 |
- } else if(line && isuuencodebegin(line)) |
|
| 1158 |
+ } else if(line && isuuencodebegin(line)) {
|
|
| 1159 | 1159 |
/* |
| 1160 | 1160 |
* Fast track visa to uudecode. |
| 1161 | 1161 |
* TODO: binhex, yenc |
| 1162 | 1162 |
*/ |
| 1163 |
- uufasttrack(ret, line, dir, fin); |
|
| 1164 |
- else |
|
| 1163 |
+ if(uufasttrack(ret, line, dir, fin) < 0) |
|
| 1164 |
+ if(messageAddStr(ret, line) < 0) |
|
| 1165 |
+ break; |
|
| 1166 |
+ } else |
|
| 1165 | 1167 |
if(messageAddStr(ret, line) < 0) |
| 1166 | 1168 |
break; |
| 1167 | 1169 |
} while(getline(buffer, sizeof(buffer) - 1, fin) != NULL); |
| ... | ... |
@@ -1653,8 +1657,8 @@ parseEmailBody(message *messageIn, text *textIn, const char *dir, const table_t |
| 1653 | 1653 |
do {
|
| 1654 | 1654 |
const char *line = lineGetData(t_line->t_line); |
| 1655 | 1655 |
|
| 1656 |
- /*cli_dbgmsg("inMimeHead %d inhead %d boundary '%s' line '%s' next '%s'\n",
|
|
| 1657 |
- inMimeHead, inhead, boundary, line, |
|
| 1656 |
+ /*cli_dbgmsg("multipart %d: inMimeHead %d inhead %d boundary '%s' line '%s' next '%s'\n",
|
|
| 1657 |
+ multiparts, inMimeHead, inhead, boundary, line, |
|
| 1658 | 1658 |
t_line->t_next && t_line->t_next->t_line ? lineGetData(t_line->t_next->t_line) : "(null)");*/ |
| 1659 | 1659 |
|
| 1660 | 1660 |
if(inMimeHead) { /* continuation line */
|
| ... | ... |
@@ -3826,14 +3830,18 @@ usefulHeader(int commandNumber, const char *cmd) |
| 3826 | 3826 |
/* |
| 3827 | 3827 |
* Save the uuencoded part of the file as it is read in since there's no need |
| 3828 | 3828 |
* to include it in the parse tree. Saves memory and parse time. |
| 3829 |
+ * Return < 0 for failure |
|
| 3829 | 3830 |
*/ |
| 3830 |
-static void |
|
| 3831 |
+static int |
|
| 3831 | 3832 |
uufasttrack(message *m, const char *firstline, const char *dir, FILE *fin) |
| 3832 | 3833 |
{
|
| 3833 | 3834 |
fileblob *fb = fileblobCreate(); |
| 3834 | 3835 |
char buffer[RFC2821LENGTH + 1]; |
| 3835 | 3836 |
char *filename = cli_strtok(firstline, 2, " "); |
| 3836 | 3837 |
|
| 3838 |
+ if(filename == NULL) |
|
| 3839 |
+ return -1; |
|
| 3840 |
+ |
|
| 3837 | 3841 |
fileblobSetFilename(fb, dir, filename); |
| 3838 | 3842 |
cli_dbgmsg("Fast track uudecode %s\n", filename);
|
| 3839 | 3843 |
free(filename); |
| ... | ... |
@@ -3862,6 +3870,8 @@ uufasttrack(message *m, const char *firstline, const char *dir, FILE *fin) |
| 3862 | 3862 |
} |
| 3863 | 3863 |
|
| 3864 | 3864 |
fileblobDestroy(fb); |
| 3865 |
+ |
|
| 3866 |
+ return 1; |
|
| 3865 | 3867 |
} |
| 3866 | 3868 |
|
| 3867 | 3869 |
/* |