From b497b77a3f13926c263d50fa47f71793a1d7f6a2 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Tue, 5 Jul 2016 13:15:05 +0100 Subject: [PATCH] [Fix] Add filenames sanity filtering for mime types --- src/plugins/lua/mime_types.lua | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/src/plugins/lua/mime_types.lua b/src/plugins/lua/mime_types.lua index 9c8f2dc9a..4a98cb381 100644 --- a/src/plugins/lua/mime_types.lua +++ b/src/plugins/lua/mime_types.lua @@ -99,8 +99,11 @@ local function check_mime_type(task) badness_mult = settings['bad_archive_extensions'][ext] if badness_mult then if #parts > 2 then - -- Double extension + bad extension == VERY bad - task:insert_result(settings['symbol_double_extension'], badness_mult, fname) + -- We need to ensure that it is an extension, so we check for its length + if #parts[#parts - 1] <= 4 then + -- Double extension + bad extension == VERY bad + task:insert_result(settings['symbol_double_extension'], badness_mult, fname) + end else -- Just bad extension task:insert_result(settings['symbol_bad_extension'], badness_mult, fname) @@ -150,6 +153,7 @@ local function check_mime_type(task) local ct = string.format('%s/%s', mtype, subtype) if filename then + filename = filename:gsub('[^%s%g]', '?') check_filename(filename, ct, false) end @@ -163,11 +167,18 @@ local function check_mime_type(task) local fl = arch:get_files_full() for _,f in ipairs(fl) do + -- Strip bad characters + if f['name'] then + f['name'] = f['name']:gsub('[^%s%g]', '?') + end + if f['encrypted'] then task:insert_result(settings['symbol_encrypted_archive'], 1.0, f['name']) end - check_filename(f['name'], nil, true) + if f['name'] then + check_filename(f['name'], nil, true) + end end end -- 2.39.5