From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Thu, 21 Feb 2019 13:06:35 +0000 (+0000)
Subject: [Fix] Add filter for absurdic URLs
X-Git-Tag: 1.9.0~104
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=1c54d4c494b15fc5285417f9247ca05ea061d487;p=rspamd.git

[Fix] Add filter for absurdic URLs
---

diff --git a/src/libserver/html.c b/src/libserver/html.c
index c33aacf82..de632201c 100644
--- a/src/libserver/html.c
+++ b/src/libserver/html.c
@@ -1346,7 +1346,7 @@ rspamd_html_process_url (rspamd_mempool_t *pool, const gchar *start, guint len,
 		}
 	}
 
-	if (memchr (s, ':', len) == NULL) {
+	if (rspamd_substring_search (start, len, "://", 3) == -1) {
 		/* We have no prefix */
 		dlen += sizeof ("http://") - 1;
 		no_prefix = TRUE;
@@ -1361,9 +1361,25 @@ rspamd_html_process_url (rspamd_mempool_t *pool, const gchar *start, guint len,
 			memcpy (d, "http:", sizeof ("http:") - 1);
 			d += sizeof ("http:") - 1;
 		}
+		else if (s[0] == '\\' && (len > 2 && s[1] == '\\')) {
+			/* Likely SMB share, ignore */
+			return NULL;
+		}
 		else {
-			memcpy (d, "http://", sizeof ("http://") - 1);
-			d += sizeof ("http://") - 1;
+			if (s[0] == '.') {
+				/*
+				 * We have relative URL without base URL:
+				 * the former is covered by caller function which
+				 * checks for the base URL.
+				 *
+				 * In the most cases, it is caused by a broken client
+				 */
+				return NULL;
+			}
+			else if ((s[0] & 0x80) || g_ascii_isalnum (s[0])) {
+				memcpy (d, "http://", sizeof ("http://") - 1);
+				d += sizeof ("http://") - 1;
+			}
 		}
 	}