mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19581 Commits
30 Branches
Tree: f7c44dea2e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f7c44dea2e'
${ noResults }
rspamd/src/libmime/mime_parser.c

mime_parser.c 43KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702 
  1. /*-

  2.  * Copyright 2016 Vsevolod Stakhov

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *   http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. 

  17. 

  18. #include "config.h"

  19. #include "task.h"

  20. #include "mime_parser.h"

  21. #include "mime_headers.h"

  22. #include "message.h"

  23. #include "multipattern.h"

  24. #include "contrib/libottery/ottery.h"

  25. #include "contrib/uthash/utlist.h"

  26. #include <openssl/cms.h>

  27. #include <openssl/pkcs7.h>

  28. #include "contrib/fastutf8/fastutf8.h"

  29. 

  30. struct rspamd_mime_parser_lib_ctx {

  31. 	struct rspamd_multipattern *mp_boundary;

  32. 	guchar hkey[rspamd_cryptobox_SIPKEYBYTES]; /* Key for hashing */

  33. 	guint key_usages;

  34. };

  35. 

  36. struct rspamd_mime_parser_lib_ctx *lib_ctx = NULL;

  37. 

  38. static const guint max_nested = 64;

  39. static const guint max_key_usages = 10000;

  40. 

  41. #define msg_debug_mime(...)  rspamd_conditional_debug_fast (NULL, task->from_addr, \

  42.         rspamd_mime_log_id, "mime", task->task_pool->tag.uid, \

  43.         RSPAMD_LOG_FUNC, \

  44.         __VA_ARGS__)

  45. 

  46. INIT_LOG_MODULE(mime)

  47. 

  48. #define RSPAMD_MIME_BOUNDARY_FLAG_CLOSED (1 << 0)

  49. #define RSPAMD_BOUNDARY_IS_CLOSED(b) ((b)->flags & RSPAMD_MIME_BOUNDARY_FLAG_CLOSED)

  50. 

  51. struct rspamd_mime_boundary {

  52. 	goffset boundary;

  53. 	goffset start;

  54. 	guint64 hash;

  55. 	guint64 closed_hash;

  56. 	gint flags;

  57. };

  58. 

  59. struct rspamd_mime_parser_ctx {

  60. 	GPtrArray *stack; /* Stack of parts */

  61. 	GArray *boundaries; /* Boundaries found in the whole message */

  62. 	const gchar *start;

  63. 	const gchar *pos;

  64. 	const gchar *end;

  65. 	struct rspamd_task *task;

  66. 	guint nesting;

  67. };

  68. 

  69. static enum rspamd_mime_parse_error

  70. rspamd_mime_parse_multipart_part (struct rspamd_task *task,

  71. 		struct rspamd_mime_part *part,

  72. 		struct rspamd_mime_parser_ctx *st,

  73. 		GError **err);

  74. static enum rspamd_mime_parse_error

  75. rspamd_mime_parse_message (struct rspamd_task *task,

  76. 		struct rspamd_mime_part *part,

  77. 		struct rspamd_mime_parser_ctx *st,

  78. 		GError **err);

  79. static enum rspamd_mime_parse_error

  80. rspamd_mime_parse_normal_part (struct rspamd_task *task,

  81. 		struct rspamd_mime_part *part,

  82. 		struct rspamd_mime_parser_ctx *st,

  83. 		struct rspamd_content_type *ct,

  84. 		GError **err);

  85. 

  86. static enum rspamd_mime_parse_error

  87. rspamd_mime_process_multipart_node (struct rspamd_task *task,

  88. 									struct rspamd_mime_parser_ctx *st,

  89. 									struct rspamd_mime_part *multipart,

  90. 									const gchar *start, const gchar *end,

  91. 									gboolean is_finished,

  92. 									GError **err);

  93. 

  94. 

  95. #define RSPAMD_MIME_QUARK (rspamd_mime_parser_quark())

  96. static GQuark

  97. rspamd_mime_parser_quark (void)

  98. {

  99. 	return g_quark_from_static_string ("mime-parser");

  100. }

  101. 

  102. const gchar*

  103. rspamd_cte_to_string (enum rspamd_cte ct)

  104. {

  105. 	const gchar *ret = "unknown";

  106. 

  107. 	switch (ct) {

  108. 	case RSPAMD_CTE_7BIT:

  109. 		ret = "7bit";

  110. 		break;

  111. 	case RSPAMD_CTE_8BIT:

  112. 		ret = "8bit";

  113. 		break;

  114. 	case RSPAMD_CTE_QP:

  115. 		ret = "quoted-printable";

  116. 		break;

  117. 	case RSPAMD_CTE_B64:

  118. 		ret = "base64";

  119. 		break;

  120. 	case RSPAMD_CTE_UUE:

  121. 		ret = "X-uuencode";

  122. 		break;

  123. 	default:

  124. 		break;

  125. 	}

  126. 

  127. 	return ret;

  128. }

  129. 

  130. enum rspamd_cte

  131. rspamd_cte_from_string (const gchar *str)

  132. {

  133. 	enum rspamd_cte ret = RSPAMD_CTE_UNKNOWN;

  134. 

  135. 	g_assert (str != NULL);

  136. 

  137. 	if (strcmp (str, "7bit") == 0) {

  138. 		ret = RSPAMD_CTE_7BIT;

  139. 	}

  140. 	else if (strcmp (str, "8bit") == 0) {

  141. 		ret = RSPAMD_CTE_8BIT;

  142. 	}

  143. 	else if (strcmp (str, "quoted-printable") == 0) {

  144. 		ret = RSPAMD_CTE_QP;

  145. 	}

  146. 	else if (strcmp (str, "base64") == 0) {

  147. 		ret = RSPAMD_CTE_B64;

  148. 	}

  149. 	else if (strcmp (str, "X-uuencode") == 0) {

  150. 		ret = RSPAMD_CTE_UUE;

  151. 	}

  152. 	else if (strcmp (str, "uuencode") == 0) {

  153. 		ret = RSPAMD_CTE_UUE;

  154. 	}

  155. 	else if (strcmp (str, "X-uue") == 0) {

  156. 		ret = RSPAMD_CTE_UUE;

  157. 	}

  158. 

  159. 	return ret;

  160. }

  161. 

  162. static void

  163. rspamd_mime_parser_init_lib (void)

  164. {

  165. 	lib_ctx = g_malloc0 (sizeof (*lib_ctx));

  166. 	lib_ctx->mp_boundary = rspamd_multipattern_create (RSPAMD_MULTIPATTERN_DEFAULT);

  167. 	g_assert (lib_ctx->mp_boundary != NULL);

  168. 	rspamd_multipattern_add_pattern (lib_ctx->mp_boundary, "\r--", 0);

  169. 	rspamd_multipattern_add_pattern (lib_ctx->mp_boundary, "\n--", 0);

  170. 	g_assert (rspamd_multipattern_compile (lib_ctx->mp_boundary, NULL));

  171. 	ottery_rand_bytes (lib_ctx->hkey, sizeof (lib_ctx->hkey));

  172. }

  173. 

  174. static enum rspamd_cte

  175. rspamd_mime_parse_cte (const gchar *in, gsize len)

  176. {

  177. 	guint64 h;

  178. 	enum rspamd_cte ret = RSPAMD_CTE_UNKNOWN;

  179. 

  180. 	in = rspamd_string_len_strip (in, &len, " \t;,.+-#!`~'");

  181. 	h = rspamd_cryptobox_fast_hash_specific (RSPAMD_CRYPTOBOX_XXHASH64,

  182. 			in, len, 0xdeadbabe);

  183. 

  184. 	switch (h) {

  185. 	case 0xCEDAA7056B4753F7ULL: /* 7bit */

  186. 		ret = RSPAMD_CTE_7BIT;

  187. 		break;

  188. 	case 0x42E0745448B39FC1ULL: /* 8bit */

  189. 	case 0x6B169E6B155BADC0ULL: /* binary */

  190. 		ret = RSPAMD_CTE_8BIT;

  191. 		break;

  192. 	case 0x6D69A5BB02A633B0ULL: /* quoted-printable */

  193. 		ret = RSPAMD_CTE_QP;

  194. 		break;

  195. 	case 0x96305588A76DC9A9ULL: /* base64 */

  196. 	case 0x171029DE1B0423A9ULL: /* base-64 */

  197. 		ret = RSPAMD_CTE_B64;

  198. 		break;

  199. 	case 0x420b54dc00d13cecULL: /* uuencode */

  200. 	case 0x8df6700b8f6c4cf9ULL: /* x-uuencode */

  201. 	case 0x41f725ec544356d3ULL: /* x-uue */

  202. 		ret = RSPAMD_CTE_UUE;

  203. 		break;

  204. 	}

  205. 

  206. 	return ret;

  207. }

  208. 

  209. static enum rspamd_cte

  210. rspamd_mime_part_get_cte_heuristic (struct rspamd_task *task,

  211. 		struct rspamd_mime_part *part)

  212. {

  213. 	const guint check_len = 128;

  214. 	guint real_len, nspaces = 0, neqsign = 0, n8bit = 0, nqpencoded = 0,

  215. 		padeqsign = 0, nupper = 0, nlower = 0;

  216. 	gboolean b64_chars = TRUE;

  217. 	const guchar *p, *end;

  218. 	enum rspamd_cte ret = RSPAMD_CTE_UNKNOWN;

  219. 

  220. 	real_len = MIN (check_len, part->raw_data.len);

  221. 	p = (const guchar *)part->raw_data.begin;

  222. 	end = p + part->raw_data.len;

  223. 

  224. 	while (p < end && g_ascii_isspace (*p)) {

  225. 		p ++;

  226. 	}

  227. 

  228. 	if (end - p > sizeof ("begin-base64 ")) {

  229. 		const guchar *uue_start;

  230. 

  231. 		if (memcmp (p, "begin ", sizeof ("begin ") - 1) == 0) {

  232. 			uue_start = p + sizeof ("begin ") - 1;

  233. 

  234. 			while (uue_start < end && g_ascii_isspace (*uue_start)) {

  235. 				uue_start ++;

  236. 			}

  237. 

  238. 			if (uue_start < end && g_ascii_isdigit (*uue_start)) {

  239. 				return RSPAMD_CTE_UUE;

  240. 			}

  241. 		}

  242. 		else if (memcmp (p, "begin-base64 ", sizeof ("begin-base64 ") - 1) == 0) {

  243. 			uue_start = p + sizeof ("begin ") - 1;

  244. 

  245. 			while (uue_start < end && g_ascii_isspace (*uue_start)) {

  246. 				uue_start ++;

  247. 			}

  248. 

  249. 			if (uue_start < end && g_ascii_isdigit (*uue_start)) {

  250. 				return RSPAMD_CTE_UUE;

  251. 			}

  252. 		}

  253. 	}

  254. 

  255. 	/* Skip trailing spaces */

  256. 	while (end > p && g_ascii_isspace (*(end - 1))) {

  257. 		end --;

  258. 	}

  259. 

  260. 	if (end > p + 2) {

  261. 		if (*(end - 1) == '=') {

  262. 			padeqsign ++;

  263. 			end --;

  264. 		}

  265. 

  266. 		if (*(end - 1) == '=') {

  267. 			padeqsign ++;

  268. 			end --;

  269. 		}

  270. 	}

  271. 

  272. 	/* Adjust end to analyse only first characters */

  273. 	if (end - p > real_len) {

  274. 		end = p + real_len;

  275. 	}

  276. 

  277. 	while (p < end) {

  278. 		if (*p == ' ') {

  279. 			nspaces ++;

  280. 		}

  281. 		else if (*p == '=') {

  282. 			b64_chars = FALSE; /* Eqsign must not be inside base64 */

  283. 			neqsign ++;

  284. 			p ++;

  285. 

  286. 			if (p + 2 < end && g_ascii_isxdigit (*p) && g_ascii_isxdigit (*(p + 1))) {

  287. 				p ++;

  288. 				nqpencoded ++;

  289. 			}

  290. 

  291. 			continue;

  292. 		}

  293. 		else if (*p >= 0x80) {

  294. 			n8bit ++;

  295. 			b64_chars = FALSE;

  296. 		}

  297. 		else if (!(g_ascii_isalnum (*p) || *p == '/' || *p == '+')) {

  298. 			b64_chars = FALSE;

  299. 		}

  300. 		else if (g_ascii_isupper (*p)) {

  301. 			nupper ++;

  302. 		}

  303. 		else if (g_ascii_islower (*p)) {

  304. 			nlower ++;

  305. 		}

  306. 

  307. 		p ++;

  308. 	}

  309. 

  310. 	if (b64_chars && neqsign <= 2 && nspaces == 0) {

  311. 		/* Need more thinking */

  312. 

  313. 		if (part->raw_data.len > 80) {

  314. 			if (padeqsign > 0) {

  315. 				ret = RSPAMD_CTE_B64;

  316. 			}

  317. 			else {

  318. 				/* We have a large piece of data with no spaces and base64

  319. 				 * symbols only, no padding is detected as well...

  320. 				 *

  321. 				 * There is a small chance that our first 128 characters

  322. 				 * are either some garbage or it is a base64 with no padding

  323. 				 * (e.g. when it is not needed)

  324. 				 */

  325. 				if (nupper > 1 && nlower > 1) {

  326. 					/*

  327. 					 * We have both uppercase and lowercase letters, so it can be

  328. 					 * base64

  329. 					 */

  330. 					ret = RSPAMD_CTE_B64;

  331. 				}

  332. 				else {

  333. 					ret = RSPAMD_CTE_7BIT;

  334. 				}

  335. 			}

  336. 		}

  337. 		else {

  338. 

  339. 			if (((end - (const guchar *)part->raw_data.begin) + padeqsign) % 4 == 0) {

  340. 				if (padeqsign == 0) {

  341. 					/*

  342. 					 * It can be either base64 or plain text, hard to say

  343. 					 * Let's assume that if we have > 1 uppercase it is

  344. 					 * likely base64

  345. 					 */

  346. 					if (nupper > 1 && nlower > 1) {

  347. 						ret = RSPAMD_CTE_B64;

  348. 					}

  349. 					else {

  350. 						ret = RSPAMD_CTE_7BIT;

  351. 					}

  352. 

  353. 				}

  354. 				else {

  355. 					ret = RSPAMD_CTE_B64;

  356. 				}

  357. 			}

  358. 			else {

  359. 				/* No way */

  360. 				if (padeqsign == 1 || padeqsign == 2) {

  361. 					ret = RSPAMD_CTE_B64;

  362. 				}

  363. 				else {

  364. 					ret = RSPAMD_CTE_7BIT;

  365. 				}

  366. 			}

  367. 		}

  368. 	}

  369. 	else if (n8bit == 0) {

  370. 		if (neqsign > 2 && nqpencoded > 2) {

  371. 			ret = RSPAMD_CTE_QP;

  372. 		}

  373. 		else {

  374. 			ret = RSPAMD_CTE_7BIT;

  375. 		}

  376. 	}

  377. 	else {

  378. 		ret = RSPAMD_CTE_8BIT;

  379. 	}

  380. 

  381. 	msg_debug_mime ("detected cte: %s", rspamd_cte_to_string (ret));

  382. 

  383. 	return ret;

  384. }

  385. 

  386. static void

  387. rspamd_mime_part_get_cte (struct rspamd_task *task,

  388. 						  struct rspamd_mime_headers_table *hdrs,

  389. 						  struct rspamd_mime_part *part,

  390. 						  gboolean apply_heuristic)

  391. {

  392. 	struct rspamd_mime_header *hdr, *cur;

  393. 	enum rspamd_cte cte = RSPAMD_CTE_UNKNOWN;

  394. 	gboolean parent_propagated = FALSE;

  395. 

  396. 	hdr = rspamd_message_get_header_from_hash(hdrs, "Content-Transfer-Encoding", FALSE);

  397. 

  398. 	if (hdr == NULL) {

  399. 		if (part->parent_part && part->parent_part->cte != RSPAMD_CTE_UNKNOWN &&

  400. 				!(part->parent_part->flags & RSPAMD_MIME_PART_MISSING_CTE)) {

  401. 			part->cte = part->parent_part->cte;

  402. 			parent_propagated = TRUE;

  403. 

  404. 			goto check_cte;

  405. 		}

  406. 

  407. 		if (apply_heuristic) {

  408. 			part->cte = rspamd_mime_part_get_cte_heuristic (task, part);

  409. 			msg_info_task ("detected missing CTE for part as: %s",

  410. 					rspamd_cte_to_string (part->cte));

  411. 		}

  412. 

  413. 		part->flags |= RSPAMD_MIME_PART_MISSING_CTE;

  414. 	}

  415. 	else {

  416. 		DL_FOREACH (hdr, cur) {

  417. 			gsize hlen;

  418. 			gchar lc_buf[128];

  419. 

  420. 			hlen = rspamd_snprintf (lc_buf, sizeof (lc_buf), "%s", cur->value);

  421. 			rspamd_str_lc (lc_buf, hlen);

  422. 			cte = rspamd_mime_parse_cte (lc_buf, hlen);

  423. 

  424. 			if (cte != RSPAMD_CTE_UNKNOWN) {

  425. 				part->cte = cte;

  426. 				break;

  427. 			}

  428. 		}

  429. 

  430. check_cte:

  431. 		if (apply_heuristic) {

  432. 			if (part->cte == RSPAMD_CTE_UNKNOWN) {

  433. 				part->cte = rspamd_mime_part_get_cte_heuristic (task, part);

  434. 

  435. 				msg_info_task ("corrected bad CTE for part to: %s",

  436. 						rspamd_cte_to_string (part->cte));

  437. 			}

  438. 			else if (part->cte == RSPAMD_CTE_B64 ||

  439. 					part->cte == RSPAMD_CTE_QP) {

  440. 				/* Additionally check sanity */

  441. 				cte = rspamd_mime_part_get_cte_heuristic (task, part);

  442. 

  443. 				if (cte == RSPAMD_CTE_8BIT) {

  444. 					msg_info_task (

  445. 							"incorrect cte specified for part: %s, %s detected",

  446. 							rspamd_cte_to_string (part->cte),

  447. 							rspamd_cte_to_string (cte));

  448. 					part->cte = cte;

  449. 					part->flags |= RSPAMD_MIME_PART_BAD_CTE;

  450. 				}

  451. 				else if (cte != part->cte && parent_propagated) {

  452. 					part->cte = cte;

  453. 					msg_info_task ("detected missing CTE for part as: %s",

  454. 							rspamd_cte_to_string (part->cte));

  455. 				}

  456. 			}

  457. 			else {

  458. 				msg_debug_mime ("processed cte: %s",

  459. 						rspamd_cte_to_string (cte));

  460. 			}

  461. 		}

  462. 		else {

  463. 			msg_debug_mime ("processed cte: %s", rspamd_cte_to_string (cte));

  464. 		}

  465. 	}

  466. }

  467. static void

  468. rspamd_mime_part_get_cd (struct rspamd_task *task, struct rspamd_mime_part *part)

  469. {

  470. 	struct rspamd_mime_header *hdr, *cur;

  471. 	struct rspamd_content_disposition *cd = NULL;

  472. 	rspamd_ftok_t srch;

  473. 	struct rspamd_content_type_param *found;

  474. 

  475. 	hdr = rspamd_message_get_header_from_hash(part->raw_headers,

  476. 			"Content-Disposition", FALSE);

  477. 

  478. 

  479. 	if (hdr == NULL) {

  480. 		cd = rspamd_mempool_alloc0 (task->task_pool, sizeof (*cd));

  481. 		cd->type = RSPAMD_CT_INLINE;

  482. 

  483. 		/* We can also have content disposition definitions in Content-Type */

  484. 		if (part->ct && part->ct->attrs) {

  485. 			RSPAMD_FTOK_ASSIGN (&srch, "name");

  486. 			found = g_hash_table_lookup (part->ct->attrs, &srch);

  487. 

  488. 			if (!found) {

  489. 				RSPAMD_FTOK_ASSIGN (&srch, "filename");

  490. 				found = g_hash_table_lookup (part->ct->attrs, &srch);

  491. 			}

  492. 

  493. 			if (found) {

  494. 				cd->type = RSPAMD_CT_ATTACHMENT;

  495. 				memcpy (&cd->filename, &found->value, sizeof (cd->filename));

  496. 			}

  497. 		}

  498. 	}

  499. 	else {

  500. 		DL_FOREACH (hdr, cur) {

  501. 			gsize hlen;

  502. 			cd = NULL;

  503. 

  504. 			if (cur->value) {

  505. 				hlen = strlen (cur->value);

  506. 				cd = rspamd_content_disposition_parse (cur->value, hlen,

  507. 						task->task_pool);

  508. 			}

  509. 

  510. 			if (cd) {

  511. 				/* We still need to check filename */

  512. 				if (cd->filename.len == 0) {

  513. 					if (part->ct && part->ct->attrs) {

  514. 						RSPAMD_FTOK_ASSIGN (&srch, "name");

  515. 						found = g_hash_table_lookup (part->ct->attrs, &srch);

  516. 

  517. 						if (!found) {

  518. 							RSPAMD_FTOK_ASSIGN (&srch, "filename");

  519. 							found = g_hash_table_lookup (part->ct->attrs, &srch);

  520. 						}

  521. 

  522. 						if (found) {

  523. 							cd->type = RSPAMD_CT_ATTACHMENT;

  524. 							memcpy (&cd->filename, &found->value,

  525. 									sizeof (cd->filename));

  526. 						}

  527. 					}

  528. 				}

  529. 

  530. 				msg_debug_mime ("processed content disposition: %s, file: \"%T\"",

  531. 						cd->lc_data, &cd->filename);

  532. 				break;

  533. 			}

  534. 			else if (part->ct) {

  535. 				/*

  536. 				 * Even in case of malformed Content-Disposition, we can still

  537. 				 * fall back to Content-Type

  538. 				 */

  539. 				cd = rspamd_mempool_alloc0 (task->task_pool, sizeof (*cd));

  540. 				cd->type = RSPAMD_CT_INLINE;

  541. 

  542. 				/* We can also have content disposition definitions in Content-Type */

  543. 				if (part->ct->attrs) {

  544. 					RSPAMD_FTOK_ASSIGN (&srch, "name");

  545. 					found = g_hash_table_lookup (part->ct->attrs, &srch);

  546. 

  547. 					if (!found) {

  548. 						RSPAMD_FTOK_ASSIGN (&srch, "filename");

  549. 						found = g_hash_table_lookup (part->ct->attrs, &srch);

  550. 					}

  551. 

  552. 					if (found) {

  553. 						cd->type = RSPAMD_CT_ATTACHMENT;

  554. 						memcpy (&cd->filename, &found->value, sizeof (cd->filename));

  555. 					}

  556. 				}

  557. 			}

  558. 		}

  559. 	}

  560. 

  561. 	part->cd = cd;

  562. }

  563. 

  564. void

  565. rspamd_mime_parser_calc_digest (struct rspamd_mime_part *part)

  566. {

  567. 	/* Blake2b applied to string 'rspamd' */

  568. 	static const guchar hash_key[] = {

  569. 			0xef,0x43,0xae,0x80,0xcc,0x8d,0xc3,0x4c,

  570. 			0x6f,0x1b,0xd6,0x18,0x1b,0xae,0x87,0x74,

  571. 			0x0c,0xca,0xf7,0x8e,0x5f,0x2e,0x54,0x32,

  572. 			0xf6,0x79,0xb9,0x27,0x26,0x96,0x20,0x92,

  573. 			0x70,0x07,0x85,0xeb,0x83,0xf7,0x89,0xe0,

  574. 			0xd7,0x32,0x2a,0xd2,0x1a,0x64,0x41,0xef,

  575. 			0x49,0xff,0xc3,0x8c,0x54,0xf9,0x67,0x74,

  576. 			0x30,0x1e,0x70,0x2e,0xb7,0x12,0x09,0xfe,

  577. 	};

  578. 

  579. 	if (part->parsed_data.len > 0) {

  580. 		rspamd_cryptobox_hash (part->digest,

  581. 				part->parsed_data.begin, part->parsed_data.len,

  582. 				hash_key, sizeof (hash_key));

  583. 	}

  584. }

  585. 

  586. static enum rspamd_mime_parse_error

  587. rspamd_mime_parse_normal_part (struct rspamd_task *task,

  588. 		struct rspamd_mime_part *part,

  589. 		struct rspamd_mime_parser_ctx *st,

  590. 		struct rspamd_content_type *ct,

  591. 		GError **err)

  592. {

  593. 	rspamd_fstring_t *parsed;

  594. 	gssize r;

  595. 

  596. 	g_assert (part != NULL);

  597. 

  598. 	rspamd_mime_part_get_cte (task, part->raw_headers, part,

  599. 			part->ct && !(part->ct->flags & RSPAMD_CONTENT_TYPE_MESSAGE));

  600. 	rspamd_mime_part_get_cd (task, part);

  601. 

  602. 	switch (part->cte) {

  603. 	case RSPAMD_CTE_7BIT:

  604. 	case RSPAMD_CTE_8BIT:

  605. 	case RSPAMD_CTE_UNKNOWN:

  606. 		if (part->ct && (part->ct->flags & RSPAMD_CONTENT_TYPE_MISSING)) {

  607. 			if (part->cte != RSPAMD_CTE_7BIT) {

  608. 				/* We have something that has a missing content-type,

  609. 				 * but it has non-7bit characters.

  610. 				 *

  611. 				 * In theory, it is very unsafe to process it as a text part

  612. 				 * as we unlikely get some sane result

  613. 				 */

  614. 

  615. 				/*

  616. 				 * On the other hand, there is an evidence that some

  617. 				 * emails actually rely on that.

  618. 				 * So we apply an expensive hack here:

  619. 				 * if there are no 8bit characters -OR- the content is valid

  620. 				 * UTF8, we can still imply Content-Type == text/plain

  621. 				 */

  622. 

  623. 				if (rspamd_str_has_8bit (part->raw_data.begin, part->raw_data.len) &&

  624. 					!rspamd_fast_utf8_validate (part->raw_data.begin, part->raw_data.len)) {

  625. 					part->ct->flags &= ~RSPAMD_CONTENT_TYPE_TEXT;

  626. 					part->ct->flags |= RSPAMD_CONTENT_TYPE_BROKEN;

  627. 				}

  628. 			}

  629. 		}

  630. 

  631. 		if (part->ct && (part->ct->flags & RSPAMD_CONTENT_TYPE_TEXT)) {

  632. 			/* Need to copy text as we have couple of in-place change functions */

  633. 			parsed = rspamd_fstring_sized_new (part->raw_data.len);

  634. 			parsed->len = part->raw_data.len;

  635. 			memcpy (parsed->str, part->raw_data.begin, parsed->len);

  636. 			part->parsed_data.begin = parsed->str;

  637. 			part->parsed_data.len = parsed->len;

  638. 			rspamd_mempool_notify_alloc (task->task_pool, parsed->len);

  639. 			rspamd_mempool_add_destructor (task->task_pool,

  640. 					(rspamd_mempool_destruct_t)rspamd_fstring_free, parsed);

  641. 		}

  642. 		else {

  643. 			part->parsed_data.begin = part->raw_data.begin;

  644. 			part->parsed_data.len = part->raw_data.len;

  645. 		}

  646. 		break;

  647. 	case RSPAMD_CTE_QP:

  648. 		parsed = rspamd_fstring_sized_new (part->raw_data.len);

  649. 		r = rspamd_decode_qp_buf (part->raw_data.begin, part->raw_data.len,

  650. 				parsed->str, parsed->allocated);

  651. 		if (r != -1) {

  652. 			parsed->len = r;

  653. 			part->parsed_data.begin = parsed->str;

  654. 			part->parsed_data.len = parsed->len;

  655. 			rspamd_mempool_notify_alloc (task->task_pool, parsed->len);

  656. 			rspamd_mempool_add_destructor (task->task_pool,

  657. 					(rspamd_mempool_destruct_t)rspamd_fstring_free, parsed);

  658. 		}

  659. 		else {

  660. 			msg_err_task ("invalid quoted-printable encoded part, assume 8bit");

  661. 			if (part->ct) {

  662. 				part->ct->flags |= RSPAMD_CONTENT_TYPE_BROKEN;

  663. 			}

  664. 			part->cte = RSPAMD_CTE_8BIT;

  665. 			memcpy (parsed->str, part->raw_data.begin, part->raw_data.len);

  666. 			parsed->len = part->raw_data.len;

  667. 			part->parsed_data.begin = parsed->str;

  668. 			part->parsed_data.len = parsed->len;

  669. 			rspamd_mempool_notify_alloc (task->task_pool, parsed->len);

  670. 			rspamd_mempool_add_destructor (task->task_pool,

  671. 					(rspamd_mempool_destruct_t)rspamd_fstring_free, parsed);

  672. 		}

  673. 		break;

  674. 	case RSPAMD_CTE_B64:

  675. 		parsed = rspamd_fstring_sized_new (part->raw_data.len / 4 * 3 + 12);

  676. 		rspamd_cryptobox_base64_decode (part->raw_data.begin,

  677. 				part->raw_data.len,

  678. 				parsed->str, &parsed->len);

  679. 		part->parsed_data.begin = parsed->str;

  680. 		part->parsed_data.len = parsed->len;

  681. 		rspamd_mempool_notify_alloc (task->task_pool, parsed->len);

  682. 		rspamd_mempool_add_destructor (task->task_pool,

  683. 				(rspamd_mempool_destruct_t)rspamd_fstring_free, parsed);

  684. 		break;

  685. 	case RSPAMD_CTE_UUE:

  686. 		parsed = rspamd_fstring_sized_new (part->raw_data.len / 4 * 3 + 12);

  687. 		r = rspamd_decode_uue_buf (part->raw_data.begin, part->raw_data.len,

  688. 				parsed->str, parsed->allocated);

  689. 		rspamd_mempool_notify_alloc (task->task_pool, parsed->len);

  690. 		rspamd_mempool_add_destructor (task->task_pool,

  691. 				(rspamd_mempool_destruct_t)rspamd_fstring_free, parsed);

  692. 		if (r != -1) {

  693. 			parsed->len = r;

  694. 			part->parsed_data.begin = parsed->str;

  695. 			part->parsed_data.len = parsed->len;

  696. 		}

  697. 		else {

  698. 			msg_err_task ("invalid uuencoding in encoded part, assume 8bit");

  699. 			if (part->ct) {

  700. 				part->ct->flags |= RSPAMD_CONTENT_TYPE_BROKEN;

  701. 			}

  702. 			part->cte = RSPAMD_CTE_8BIT;

  703. 			parsed->len = MIN (part->raw_data.len, parsed->allocated);

  704. 			memcpy (parsed->str, part->raw_data.begin, parsed->len);

  705. 			rspamd_mempool_notify_alloc (task->task_pool, parsed->len);

  706. 			part->parsed_data.begin = parsed->str;

  707. 			part->parsed_data.len = parsed->len;

  708. 		}

  709. 		break;

  710. 	default:

  711. 		g_assert_not_reached ();

  712. 	}

  713. 

  714. 	part->part_number = MESSAGE_FIELD (task, parts)->len;

  715. 	part->urls = g_ptr_array_new ();

  716. 	g_ptr_array_add (MESSAGE_FIELD (task, parts), part);

  717. 	msg_debug_mime ("parsed data part %T/%T of length %z (%z orig), %s cte",

  718. 			&part->ct->type, &part->ct->subtype, part->parsed_data.len,

  719. 			part->raw_data.len, rspamd_cte_to_string (part->cte));

  720. 	rspamd_mime_parser_calc_digest (part);

  721. 

  722. 	if (ct && (ct->flags & RSPAMD_CONTENT_TYPE_SMIME)) {

  723. 		CMS_ContentInfo *cms;

  724. 		const unsigned char *der_beg = part->parsed_data.begin;

  725. 		cms = d2i_CMS_ContentInfo (NULL, &der_beg, part->parsed_data.len);

  726. 

  727. 		if (cms) {

  728. 			const ASN1_OBJECT *asn_ct = CMS_get0_eContentType (cms);

  729. 			int ct_nid = OBJ_obj2nid (asn_ct);

  730. 

  731. 			if (ct_nid == NID_pkcs7_data) {

  732. 				BIO *bio = BIO_new_mem_buf (part->parsed_data.begin,

  733. 						part->parsed_data.len);

  734. 

  735. 				PKCS7 *p7;

  736. 				p7 = d2i_PKCS7_bio (bio, NULL);

  737. 

  738. 				if (p7) {

  739. 					ct_nid = OBJ_obj2nid (p7->type);

  740. 

  741. 					if (ct_nid == NID_pkcs7_signed) {

  742. 						PKCS7 *p7_signed_content = p7->d.sign->contents;

  743. 

  744. 						ct_nid =  OBJ_obj2nid (p7_signed_content->type);

  745. 

  746. 						if (ct_nid == NID_pkcs7_data && p7_signed_content->d.data) {

  747. 							int ret;

  748. 

  749. 							msg_debug_mime ("found an additional part inside of "

  750. 											"smime structure of type %T/%T; length=%d",

  751. 									&ct->type, &ct->subtype, p7_signed_content->d.data->length);

  752. 							/*

  753. 							 * Since ASN.1 structures are freed, we need to copy

  754. 							 * the content

  755. 							 */

  756. 							gchar *cpy = rspamd_mempool_alloc (task->task_pool,

  757. 									p7_signed_content->d.data->length);

  758. 							memcpy (cpy, p7_signed_content->d.data->data,

  759. 									p7_signed_content->d.data->length);

  760. 							ret = rspamd_mime_process_multipart_node (task,

  761. 									st, NULL,

  762. 									cpy,cpy + p7_signed_content->d.data->length,

  763. 									TRUE, err);

  764. 

  765. 							PKCS7_free (p7);

  766. 							BIO_free (bio);

  767. 							CMS_ContentInfo_free (cms);

  768. 

  769. 							return ret;

  770. 						}

  771. 					}

  772. 

  773. 					PKCS7_free (p7);

  774. 				}

  775. 

  776. 				BIO_free (bio);

  777. 			}

  778. 

  779. 			CMS_ContentInfo_free (cms);

  780. 		}

  781. 	}

  782. 

  783. 	return RSPAMD_MIME_PARSE_OK;

  784. }

  785. 

  786. struct rspamd_mime_multipart_cbdata {

  787. 	struct rspamd_task *task;

  788. 	struct rspamd_mime_part *multipart;

  789. 	struct rspamd_mime_parser_ctx *st;

  790. 	const gchar *part_start;

  791. 	rspamd_ftok_t *cur_boundary;

  792. 	guint64 bhash;

  793. 	GError **err;

  794. };

  795. 

  796. static enum rspamd_mime_parse_error

  797. rspamd_mime_process_multipart_node (struct rspamd_task *task,

  798. 		struct rspamd_mime_parser_ctx *st,

  799. 		struct rspamd_mime_part *multipart,

  800. 		const gchar *start, const gchar *end,

  801. 		gboolean is_finished,

  802. 		GError **err)

  803. {

  804. 	struct rspamd_content_type *ct, *sel = NULL;

  805. 	struct rspamd_mime_header *hdr = NULL, *cur;

  806. 	struct rspamd_mime_part *npart;

  807. 	GString str;

  808. 	goffset hdr_pos, body_pos;

  809. 	enum rspamd_mime_parse_error ret = RSPAMD_MIME_PARSE_FATAL;

  810. 

  811. 

  812. 	str.str = (gchar *)start;

  813. 	str.len = end - start;

  814. 

  815. 	if (*start == '\n' || *start == '\r') {

  816. 		/*

  817. 		 * We have a part that starts from newline which means that

  818. 		 * there are completely no headers in this part,

  819. 		 * hence we assume it as a text part

  820. 		 */

  821. 		hdr_pos = 0;

  822. 		body_pos = 0;

  823. 

  824. 		if (!is_finished) {

  825. 			/* Ignore garbage */

  826. 			const gchar *p = start;

  827. 			gboolean seen_something = FALSE;

  828. 

  829. 			while (p < end) {

  830. 				if (g_ascii_isalnum (*p)) {

  831. 					seen_something = TRUE;

  832. 					break;

  833. 				}

  834. 				p ++;

  835. 			}

  836. 

  837. 			if (!seen_something) {

  838. 				return RSPAMD_MIME_PARSE_NO_PART;

  839. 			}

  840. 		}

  841. 	}

  842. 	else {

  843. 		hdr_pos = rspamd_string_find_eoh (&str, &body_pos);

  844. 	}

  845. 

  846. 	npart = rspamd_mempool_alloc0 (task->task_pool,

  847. 			sizeof (struct rspamd_mime_part));

  848. 	npart->parent_part = multipart;

  849. 	npart->raw_headers =  rspamd_message_headers_new ();

  850. 	npart->headers_order = NULL;

  851. 

  852. 	if (multipart) {

  853. 		if (multipart->specific.mp->children == NULL) {

  854. 			multipart->specific.mp->children = g_ptr_array_sized_new (2);

  855. 		}

  856. 

  857. 		g_ptr_array_add (multipart->specific.mp->children, npart);

  858. 	}

  859. 

  860. 	if (hdr_pos > 0 && hdr_pos < str.len) {

  861. 		npart->raw_headers_str = str.str;

  862. 		npart->raw_headers_len = hdr_pos;

  863. 		npart->raw_data.begin = start + body_pos;

  864. 		npart->raw_data.len = (end - start) - body_pos;

  865. 

  866. 		if (npart->raw_headers_len > 0) {

  867. 			rspamd_mime_headers_process (task, npart->raw_headers,

  868. 					&npart->headers_order,

  869. 					npart->raw_headers_str,

  870. 					npart->raw_headers_len,

  871. 					FALSE);

  872. 

  873. 			/* Preserve the natural order */

  874. 			if (npart->headers_order) {

  875. 				LL_REVERSE2 (npart->headers_order, ord_next);

  876. 			}

  877. 		}

  878. 

  879. 		hdr = rspamd_message_get_header_from_hash(npart->raw_headers,

  880. 				"Content-Type", FALSE);

  881. 

  882. 	}

  883. 	else {

  884. 		npart->raw_headers_str = 0;

  885. 		npart->raw_headers_len = 0;

  886. 		npart->raw_data.begin = start;

  887. 		npart->raw_data.len = end - start;

  888. 	}

  889. 

  890. 

  891. 	if (hdr != NULL) {

  892. 

  893. 		DL_FOREACH (hdr, cur) {

  894. 			ct = rspamd_content_type_parse (cur->value, strlen (cur->value),

  895. 					task->task_pool);

  896. 

  897. 			/* Here we prefer multipart content-type or any content-type */

  898. 			if (ct) {

  899. 				if (sel == NULL) {

  900. 					sel = ct;

  901. 				}

  902. 				else if (ct->flags & RSPAMD_CONTENT_TYPE_MULTIPART) {

  903. 					sel = ct;

  904. 				}

  905. 			}

  906. 		}

  907. 	}

  908. 

  909. 	if (sel == NULL) {

  910. 		sel = rspamd_mempool_alloc0 (task->task_pool, sizeof (*sel));

  911. 		RSPAMD_FTOK_ASSIGN (&sel->type, "text");

  912. 		RSPAMD_FTOK_ASSIGN (&sel->subtype, "plain");

  913. 	}

  914. 

  915. 	npart->ct = sel;

  916. 

  917. 	if (sel->flags & RSPAMD_CONTENT_TYPE_MULTIPART) {

  918. 		st->nesting ++;

  919. 		g_ptr_array_add (st->stack, npart);

  920. 		npart->part_type = RSPAMD_MIME_PART_MULTIPART;

  921. 		npart->specific.mp = rspamd_mempool_alloc0 (task->task_pool,

  922. 				sizeof (struct rspamd_mime_multipart));

  923. 		memcpy (&npart->specific.mp->boundary, &sel->orig_boundary,

  924. 				sizeof (rspamd_ftok_t));

  925. 		ret = rspamd_mime_parse_multipart_part (task, npart, st, err);

  926. 	}

  927. 	else if (sel->flags & RSPAMD_CONTENT_TYPE_MESSAGE) {

  928. 		st->nesting ++;

  929. 		g_ptr_array_add (st->stack, npart);

  930. 		npart->part_type = RSPAMD_MIME_PART_MESSAGE;

  931. 

  932. 		if ((ret = rspamd_mime_parse_normal_part (task, npart, st, sel, err))

  933. 				== RSPAMD_MIME_PARSE_OK) {

  934. 			ret = rspamd_mime_parse_message (task, npart, st, err);

  935. 		}

  936. 	}

  937. 	else {

  938. 		ret = rspamd_mime_parse_normal_part (task, npart, st, sel, err);

  939. 	}

  940. 

  941. 	return ret;

  942. }

  943. 

  944. static enum rspamd_mime_parse_error

  945. rspamd_mime_parse_multipart_cb (struct rspamd_task *task,

  946. 		struct rspamd_mime_part *multipart,

  947. 		struct rspamd_mime_parser_ctx *st,

  948. 		struct rspamd_mime_multipart_cbdata *cb,

  949. 		struct rspamd_mime_boundary *b)

  950. {

  951. 	const gchar *pos = st->start + b->boundary;

  952. 	enum rspamd_mime_parse_error ret;

  953. 

  954. 	task = cb->task;

  955. 

  956. 	/* Now check boundary */

  957. 	if (!cb->part_start) {

  958. 		cb->part_start = st->start + b->start;

  959. 		st->pos = cb->part_start;

  960. 	}

  961. 	else {

  962. 		/*

  963. 		 * We have seen the start of the boundary,

  964. 		 * but it might be unsuitable (e.g. in broken headers)

  965. 		 */

  966. 		if (cb->part_start < pos && cb->cur_boundary) {

  967. 

  968. 			if ((ret = rspamd_mime_process_multipart_node (task, cb->st,

  969. 					cb->multipart, cb->part_start, pos, TRUE, cb->err))

  970. 						!= RSPAMD_MIME_PARSE_OK) {

  971. 				return ret;

  972. 			}

  973. 

  974. 			if (b->start > 0) {

  975. 				/* Go towards the next part */

  976. 				cb->part_start = st->start + b->start;

  977. 				cb->st->pos = cb->part_start;

  978. 			}

  979. 		}

  980. 		else {

  981. 			/* We have an empty boundary, do nothing */

  982. 		}

  983. 	}

  984. 

  985. 	return RSPAMD_MIME_PARSE_OK;

  986. }

  987. 

  988. static enum rspamd_mime_parse_error

  989. rspamd_multipart_boundaries_filter (struct rspamd_task *task,

  990. 		struct rspamd_mime_part *multipart,

  991. 		struct rspamd_mime_parser_ctx *st,

  992. 		struct rspamd_mime_multipart_cbdata *cb)

  993. {

  994. 	struct rspamd_mime_boundary *cur;

  995. 	goffset last_offset;

  996. 	guint i, sel = 0;

  997. 	enum rspamd_mime_parse_error ret;

  998. 

  999. 	last_offset = (multipart->raw_data.begin - st->start) +

  1000. 			multipart->raw_data.len;

  1001. 

  1002. 	/* Find the first offset suitable for this part */

  1003. 	for (i = 0; i < st->boundaries->len; i ++) {

  1004. 		cur = &g_array_index (st->boundaries, struct rspamd_mime_boundary, i);

  1005. 

  1006. 		if (cur->start >= multipart->raw_data.begin - st->start) {

  1007. 			if (cb->cur_boundary) {

  1008. 				/* Check boundary */

  1009. 				msg_debug_mime ("compare %L and %L (and %L)",

  1010. 						cb->bhash, cur->hash, cur->closed_hash);

  1011. 

  1012. 				if (cb->bhash == cur->hash) {

  1013. 					sel = i;

  1014. 					break;

  1015. 				}

  1016. 				else if (cb->bhash == cur->closed_hash) {

  1017. 					/* Not a closing element in fact */

  1018. 					cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED);

  1019. 					cur->hash = cur->closed_hash;

  1020. 					sel = i;

  1021. 					break;

  1022. 				}

  1023. 			}

  1024. 			else {

  1025. 				/* Set current boundary */

  1026. 				cb->cur_boundary = rspamd_mempool_alloc (task->task_pool,

  1027. 						sizeof (rspamd_ftok_t));

  1028. 				cb->cur_boundary->begin = st->start + cur->boundary;

  1029. 				cb->cur_boundary->len = 0;

  1030. 				cb->bhash = cur->hash;

  1031. 				sel = i;

  1032. 				break;

  1033. 			}

  1034. 		}

  1035. 	}

  1036. 

  1037. 	/* Now we can go forward with boundaries that are same to what we have */

  1038. 	for (i = sel; i < st->boundaries->len; i ++) {

  1039. 		cur = &g_array_index (st->boundaries, struct rspamd_mime_boundary, i);

  1040. 

  1041. 		if (cur->boundary > last_offset) {

  1042. 			break;

  1043. 		}

  1044. 

  1045. 		if (cur->hash == cb->bhash || cur->closed_hash == cb->bhash) {

  1046. 			if ((ret = rspamd_mime_parse_multipart_cb (task, multipart, st,

  1047. 					cb, cur)) != RSPAMD_MIME_PARSE_OK) {

  1048. 				return ret;

  1049. 			}

  1050. 

  1051. 			if (cur->closed_hash == cb->bhash) {

  1052. 				/* We have again fake closed hash */

  1053. 				cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED);

  1054. 				cur->hash = cur->closed_hash;

  1055. 			}

  1056. 

  1057. 			if (RSPAMD_BOUNDARY_IS_CLOSED (cur)) {

  1058. 				/* We also might check the next boundary... */

  1059. 				if (i < st->boundaries->len - 1) {

  1060. 					cur = &g_array_index (st->boundaries,

  1061. 							struct rspamd_mime_boundary, i + 1);

  1062. 

  1063. 					if (cur->hash == cb->bhash) {

  1064. 						continue;

  1065. 					}

  1066. 					else if (cur->closed_hash == cb->bhash) {

  1067. 						/* We have again fake closed hash */

  1068. 						cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED);

  1069. 						cur->hash = cur->closed_hash;

  1070. 						continue;

  1071. 					}

  1072. 				}

  1073. 

  1074. 				break;

  1075. 			}

  1076. 		}

  1077. 	}

  1078. 

  1079. 	if (i == st->boundaries->len && cb->cur_boundary) {

  1080. 		/* Process the last part */

  1081. 		struct rspamd_mime_boundary fb;

  1082. 

  1083. 		fb.boundary = last_offset;

  1084. 		fb.start = -1;

  1085. 

  1086. 		if ((ret = rspamd_mime_parse_multipart_cb (task, multipart, st,

  1087. 				cb, &fb)) != RSPAMD_MIME_PARSE_OK) {

  1088. 			return ret;

  1089. 		}

  1090. 	}

  1091. 

  1092. 	return RSPAMD_MIME_PARSE_OK;

  1093. }

  1094. 

  1095. static enum rspamd_mime_parse_error

  1096. rspamd_mime_parse_multipart_part (struct rspamd_task *task,

  1097. 		struct rspamd_mime_part *part,

  1098. 		struct rspamd_mime_parser_ctx *st,

  1099. 		GError **err)

  1100. {

  1101. 	struct rspamd_mime_multipart_cbdata cbdata;

  1102. 	enum rspamd_mime_parse_error ret;

  1103. 

  1104. 	if (st->nesting > max_nested) {

  1105. 		g_set_error (err, RSPAMD_MIME_QUARK, E2BIG, "Nesting level is too high: %d",

  1106. 				st->nesting);

  1107. 		return RSPAMD_MIME_PARSE_NESTING;

  1108. 	}

  1109. 

  1110. 	part->part_number = MESSAGE_FIELD (task, parts)->len;

  1111. 	part->urls = g_ptr_array_new ();

  1112. 	g_ptr_array_add (MESSAGE_FIELD (task, parts), part);

  1113. 	st->nesting ++;

  1114. 	rspamd_mime_part_get_cte (task, part->raw_headers, part, FALSE);

  1115. 

  1116. 	st->pos = part->raw_data.begin;

  1117. 	cbdata.multipart = part;

  1118. 	cbdata.task = task;

  1119. 	cbdata.st = st;

  1120. 	cbdata.part_start = NULL;

  1121. 	cbdata.err = err;

  1122. 

  1123. 	if (part->ct->boundary.len > 0) {

  1124. 		/* We know our boundary */

  1125. 		cbdata.cur_boundary = &part->ct->boundary;

  1126. 		rspamd_cryptobox_siphash ((guchar *)&cbdata.bhash,

  1127. 				cbdata.cur_boundary->begin, cbdata.cur_boundary->len,

  1128. 				lib_ctx->hkey);

  1129. 		msg_debug_mime ("hash: %T -> %L", cbdata.cur_boundary, cbdata.bhash);

  1130. 	}

  1131. 	else {

  1132. 		/* Guess boundary */

  1133. 		cbdata.cur_boundary = NULL;

  1134. 		cbdata.bhash = 0;

  1135. 	}

  1136. 

  1137. 	ret = rspamd_multipart_boundaries_filter (task, part, st, &cbdata);

  1138. 	/* Cleanup stack */

  1139. 	st->nesting --;

  1140. 	g_ptr_array_remove_index_fast (st->stack, st->stack->len - 1);

  1141. 

  1142. 	return ret;

  1143. }

  1144. 

  1145. /* Process boundary like structures in a message */

  1146. static gint

  1147. rspamd_mime_preprocess_cb (struct rspamd_multipattern *mp,

  1148. 		guint strnum,

  1149. 		gint match_start,

  1150. 		gint match_pos,

  1151. 		const gchar *text,

  1152. 		gsize len,

  1153. 		void *context)

  1154. {

  1155. 	const gchar *end = text + len, *p = text + match_pos, *bend;

  1156. 	gsize blen;

  1157. 	gboolean closing = FALSE;

  1158. 	struct rspamd_mime_boundary b;

  1159. 	struct rspamd_mime_parser_ctx *st = context;

  1160. 	struct rspamd_task *task;

  1161. 

  1162. 	task = st->task;

  1163. 

  1164. 	if (G_LIKELY (p < end)) {

  1165. 		gboolean seen_non_dash = FALSE;

  1166. 

  1167. 		blen = 0;

  1168. 

  1169. 		while (p < end) {

  1170. 			if (*p == '\r' || *p == '\n') {

  1171. 				break;

  1172. 			}

  1173. 			else if (*p != '-') {

  1174. 				seen_non_dash = TRUE;

  1175. 			}

  1176. 

  1177. 			blen ++;

  1178. 			p ++;

  1179. 		}

  1180. 

  1181. 		if (blen > 0 && seen_non_dash) {

  1182. 			/* We have found something like boundary */

  1183. 			p = text + match_pos;

  1184. 			bend = p + blen - 1;

  1185. 

  1186. 			if (*bend == '-') {

  1187. 				/* We need to verify last -- */

  1188. 				if (bend > p + 1 && *(bend - 1) == '-') {

  1189. 					closing = TRUE;

  1190. 					bend --;

  1191. 					blen -= 2;

  1192. 				}

  1193. 				else {

  1194. 					/* Not a closing boundary somehow */

  1195. 					bend ++;

  1196. 				}

  1197. 			}

  1198. 			else {

  1199. 				bend ++;

  1200. 			}

  1201. 

  1202. 			while (bend < end) {

  1203. 				if (*bend == '\r') {

  1204. 					bend ++;

  1205. 

  1206. 					/* \r\n */

  1207. 					if (bend < end && *bend == '\n') {

  1208. 						bend ++;

  1209. 					}

  1210. 				}

  1211. 				else if (*bend == '\n') {

  1212. 					/* \n */

  1213. 					bend ++;

  1214. 				}

  1215. 				else if (g_ascii_isspace (*bend)){

  1216. 					/* Spaces in the same line, skip them */

  1217. 					bend ++;

  1218. 					continue;

  1219. 				}

  1220. 

  1221. 				break;

  1222. 			}

  1223. 

  1224. 			b.boundary = p - st->start - 2;

  1225. 			b.start = bend - st->start;

  1226. 

  1227. 			/* Small optimisation as boundaries are usually short strings */

  1228. 			gchar *lc_copy, lc_copy_buf[128];

  1229. 

  1230. 			if (blen + 2 < sizeof(lc_copy_buf)) {

  1231. 				lc_copy = lc_copy_buf;

  1232. 			}

  1233. 			else {

  1234. 				lc_copy = g_malloc (blen + 2);

  1235. 			}

  1236. 

  1237. 			if (closing) {

  1238. 				memcpy (lc_copy, p, blen + 2);

  1239. 				rspamd_str_lc (lc_copy, blen + 2);

  1240. 			}

  1241. 			else {

  1242. 				memcpy (lc_copy, p, blen);

  1243. 				rspamd_str_lc (lc_copy, blen);

  1244. 			}

  1245. 

  1246. 			rspamd_cryptobox_siphash ((guchar *)&b.hash, lc_copy, blen,

  1247. 					lib_ctx->hkey);

  1248. 			msg_debug_mime ("normal hash: %*s -> %L, %d boffset, %d data offset",

  1249. 					(gint)blen, lc_copy, b.hash, (int)b.boundary, (int)b.start);

  1250. 

  1251. 			if (closing) {

  1252. 				b.flags = RSPAMD_MIME_BOUNDARY_FLAG_CLOSED;

  1253. 				rspamd_cryptobox_siphash ((guchar *)&b.closed_hash, lc_copy,

  1254. 						blen + 2,

  1255. 						lib_ctx->hkey);

  1256. 				msg_debug_mime ("closing hash: %*s -> %L, %d boffset, %d data offset",

  1257. 						(gint)blen + 2, lc_copy,

  1258. 						b.closed_hash,

  1259. 						(int)b.boundary, (int)b.start);

  1260. 			}

  1261. 			else {

  1262. 				b.flags = 0;

  1263. 				b.closed_hash = 0;

  1264. 			}

  1265. 

  1266. 			/* Check if a string has been allocated on the heap */

  1267. 			if (blen + 2 >= sizeof(lc_copy_buf)) {

  1268. 				g_free(lc_copy);

  1269. 			}

  1270. 			g_array_append_val (st->boundaries, b);

  1271. 		}

  1272. 	}

  1273. 

  1274. 	return 0;

  1275. }

  1276. 

  1277. static goffset

  1278. rspamd_mime_parser_headers_heuristic (GString *input, goffset *body_start)

  1279. {

  1280. 	const gsize default_max_len = 76;

  1281. 	gsize max_len = MIN (input->len, default_max_len);

  1282. 	const gchar *p, *end;

  1283. 	enum {

  1284. 		st_before_colon = 0,

  1285. 		st_colon,

  1286. 		st_spaces_after_colon,

  1287. 		st_value,

  1288. 		st_error

  1289. 	} state = st_before_colon;

  1290. 

  1291. 	p = input->str;

  1292. 	end = p + max_len;

  1293. 

  1294. 	while (p < end) {

  1295. 		switch (state) {

  1296. 		case st_before_colon:

  1297. 			if (G_UNLIKELY (*p == ':')) {

  1298. 				state = st_colon;

  1299. 			}

  1300. 			else if (G_UNLIKELY (!g_ascii_isgraph (*p))) {

  1301. 				state = st_error;

  1302. 			}

  1303. 

  1304. 			p ++;

  1305. 			break;

  1306. 		case st_colon:

  1307. 			if (g_ascii_isspace (*p)) {

  1308. 				state = st_spaces_after_colon;

  1309. 			}

  1310. 			else {

  1311. 				state = st_value;

  1312. 			}

  1313. 			p ++;

  1314. 			break;

  1315. 		case st_spaces_after_colon:

  1316. 			if (!g_ascii_isspace (*p)) {

  1317. 				state = st_value;

  1318. 			}

  1319. 			p ++;

  1320. 			break;

  1321. 		case st_value:

  1322. 			/* We accept any value */

  1323. 			goto end;

  1324. 			break;

  1325. 		case st_error:

  1326. 			return (-1);

  1327. 			break;

  1328. 		}

  1329. 	}

  1330. 

  1331. end:

  1332. 	if (state == st_value) {

  1333. 		if (body_start) {

  1334. 			*body_start = input->len;

  1335. 		}

  1336. 

  1337. 		return input->len;

  1338. 	}

  1339. 

  1340. 	return (-1);

  1341. }

  1342. 

  1343. static void

  1344. rspamd_mime_preprocess_message (struct rspamd_task *task,

  1345. 		struct rspamd_mime_part *top,

  1346. 		struct rspamd_mime_parser_ctx *st)

  1347. {

  1348. 

  1349. 	if (top->raw_data.begin >= st->pos) {

  1350. 		rspamd_multipattern_lookup (lib_ctx->mp_boundary,

  1351. 				top->raw_data.begin - 1,

  1352. 				top->raw_data.len + 1,

  1353. 				rspamd_mime_preprocess_cb, st, NULL);

  1354. 	}

  1355. 	else {

  1356. 		rspamd_multipattern_lookup (lib_ctx->mp_boundary,

  1357. 				st->pos,

  1358. 				st->end - st->pos,

  1359. 				rspamd_mime_preprocess_cb, st, NULL);

  1360. 	}

  1361. }

  1362. 

  1363. static void

  1364. rspamd_mime_parse_stack_free (struct rspamd_mime_parser_ctx *st)

  1365. {

  1366. 	if (st) {

  1367. 		g_ptr_array_free (st->stack, TRUE);

  1368. 		g_array_free (st->boundaries, TRUE);

  1369. 		g_free (st);

  1370. 	}

  1371. }

  1372. 

  1373. static enum rspamd_mime_parse_error

  1374. rspamd_mime_parse_message (struct rspamd_task *task,

  1375. 		struct rspamd_mime_part *part,

  1376. 		struct rspamd_mime_parser_ctx *st,

  1377. 		GError **err)

  1378. {

  1379. 	struct rspamd_content_type *ct, *sel = NULL;

  1380. 	struct rspamd_mime_header *hdr = NULL, *cur;

  1381. 	const gchar *pbegin, *p;

  1382. 	gsize plen, len;

  1383. 	struct rspamd_mime_part *npart;

  1384. 	goffset hdr_pos, body_pos;

  1385. 	guint i;

  1386. 	enum rspamd_mime_parse_error ret = RSPAMD_MIME_PARSE_OK;

  1387. 	GString str;

  1388. 	struct rspamd_mime_parser_ctx *nst = st;

  1389. 

  1390. 	if (st->nesting > max_nested) {

  1391. 		g_set_error (err, RSPAMD_MIME_QUARK, E2BIG, "Nesting level is too high: %d",

  1392. 				st->nesting);

  1393. 		return RSPAMD_MIME_PARSE_NESTING;

  1394. 	}

  1395. 

  1396. 	/* Allocate real part */

  1397. 	npart = rspamd_mempool_alloc0 (task->task_pool,

  1398. 			sizeof (struct rspamd_mime_part));

  1399. 

  1400. 	if (part == NULL) {

  1401. 		/* Top level message */

  1402. 		p = task->msg.begin;

  1403. 		len = task->msg.len;

  1404. 

  1405. 		str.str = (gchar *)p;

  1406. 		str.len = len;

  1407. 

  1408. 		hdr_pos = rspamd_string_find_eoh (&str, &body_pos);

  1409. 

  1410. 		if (hdr_pos > 0 && hdr_pos < str.len) {

  1411. 

  1412. 			MESSAGE_FIELD (task, raw_headers_content).begin = str.str;

  1413. 			MESSAGE_FIELD (task, raw_headers_content).len = hdr_pos;

  1414. 			MESSAGE_FIELD (task, raw_headers_content).body_start = str.str + body_pos;

  1415. 

  1416. 			if (MESSAGE_FIELD (task, raw_headers_content).len > 0) {

  1417. 				rspamd_mime_headers_process (task,

  1418. 						MESSAGE_FIELD (task, raw_headers),

  1419. 						&MESSAGE_FIELD (task, headers_order),

  1420. 						MESSAGE_FIELD (task, raw_headers_content).begin,

  1421. 						MESSAGE_FIELD (task, raw_headers_content).len,

  1422. 						TRUE);

  1423. 				npart->raw_headers = rspamd_message_headers_ref (

  1424. 						MESSAGE_FIELD (task, raw_headers));

  1425. 

  1426. 				/* Preserve the natural order */

  1427. 				if (MESSAGE_FIELD (task, headers_order)) {

  1428. 					LL_REVERSE2 (MESSAGE_FIELD (task, headers_order), ord_next);

  1429. 				}

  1430. 			}

  1431. 

  1432. 			hdr = rspamd_message_get_header_from_hash(

  1433. 					MESSAGE_FIELD (task, raw_headers),

  1434. 					"Content-Type", FALSE);

  1435. 		}

  1436. 		else {

  1437. 			/* First apply heuristic, maybe we have just headers */

  1438. 			hdr_pos = rspamd_mime_parser_headers_heuristic (&str, &body_pos);

  1439. 

  1440. 			if (hdr_pos > 0 && hdr_pos <= str.len) {

  1441. 				MESSAGE_FIELD (task, raw_headers_content).begin = str.str;

  1442. 				MESSAGE_FIELD (task, raw_headers_content).len = hdr_pos;

  1443. 				MESSAGE_FIELD (task, raw_headers_content).body_start = str.str +

  1444. 						body_pos;

  1445. 

  1446. 				if (MESSAGE_FIELD (task, raw_headers_content).len > 0) {

  1447. 					rspamd_mime_headers_process (task,

  1448. 							MESSAGE_FIELD (task, raw_headers),

  1449. 							&MESSAGE_FIELD (task, headers_order),

  1450. 							MESSAGE_FIELD (task, raw_headers_content).begin,

  1451. 							MESSAGE_FIELD (task, raw_headers_content).len,

  1452. 							TRUE);

  1453. 					npart->raw_headers = rspamd_message_headers_ref (

  1454. 							MESSAGE_FIELD (task, raw_headers));

  1455. 

  1456. 					/* Preserve the natural order */

  1457. 					if (MESSAGE_FIELD (task, headers_order)) {

  1458. 						LL_REVERSE2 (MESSAGE_FIELD (task, headers_order), ord_next);

  1459. 					}

  1460. 				}

  1461. 

  1462. 				hdr = rspamd_message_get_header_from_hash(

  1463. 						MESSAGE_FIELD (task, raw_headers),

  1464. 						"Content-Type", FALSE);

  1465. 				task->flags |= RSPAMD_TASK_FLAG_BROKEN_HEADERS;

  1466. 			}

  1467. 			else {

  1468. 				body_pos = 0;

  1469. 			}

  1470. 		}

  1471. 

  1472. 		pbegin = st->start + body_pos;

  1473. 		plen = st->end - pbegin;

  1474. 		npart->headers_order = NULL;

  1475. 	}

  1476. 	else {

  1477. 		/*

  1478. 		 * Here are dragons:

  1479. 		 * We allocate new parser context as we need to shift pointers

  1480. 		 */

  1481. 		nst = g_malloc0 (sizeof (*st));

  1482. 		nst->stack = g_ptr_array_sized_new (4);

  1483. 		nst->boundaries = g_array_sized_new (FALSE, FALSE,

  1484. 				sizeof (struct rspamd_mime_boundary), 8);

  1485. 		nst->start = part->parsed_data.begin;

  1486. 		nst->end = nst->start + part->parsed_data.len;

  1487. 		nst->pos = nst->start;

  1488. 		nst->task = st->task;

  1489. 		nst->nesting = st->nesting;

  1490. 		st->nesting ++;

  1491. 

  1492. 		str.str = (gchar *)part->parsed_data.begin;

  1493. 		str.len = part->parsed_data.len;

  1494. 

  1495. 		hdr_pos = rspamd_string_find_eoh (&str, &body_pos);

  1496. 		npart->raw_headers =  rspamd_message_headers_new ();

  1497. 		npart->headers_order = NULL;

  1498. 

  1499. 		if (hdr_pos > 0 && hdr_pos < str.len) {

  1500. 			npart->raw_headers_str = str.str;

  1501. 			npart->raw_headers_len = hdr_pos;

  1502. 			npart->raw_data.begin = str.str + body_pos;

  1503. 

  1504. 			if (npart->raw_headers_len > 0) {

  1505. 				rspamd_mime_headers_process (task,

  1506. 						npart->raw_headers,

  1507. 						&npart->headers_order,

  1508. 						npart->raw_headers_str,

  1509. 						npart->raw_headers_len,

  1510. 						FALSE);

  1511. 

  1512. 				/* Preserve the natural order */

  1513. 				if (npart->headers_order) {

  1514. 					LL_REVERSE2 (npart->headers_order, ord_next);

  1515. 				}

  1516. 			}

  1517. 

  1518. 			hdr = rspamd_message_get_header_from_hash(npart->raw_headers,

  1519. 					"Content-Type", FALSE);

  1520. 		}

  1521. 		else {

  1522. 			body_pos = 0;

  1523. 		}

  1524. 

  1525. 		pbegin = part->parsed_data.begin + body_pos;

  1526. 		plen = part->parsed_data.len - body_pos;

  1527. 	}

  1528. 

  1529. 	npart->raw_data.begin = pbegin;

  1530. 	npart->raw_data.len = plen;

  1531. 	npart->parent_part = part;

  1532. 

  1533. 	if (hdr == NULL) {

  1534. 		sel = NULL;

  1535. 	}

  1536. 	else {

  1537. 		DL_FOREACH (hdr, cur) {

  1538. 			ct = rspamd_content_type_parse (cur->value, strlen (cur->value),

  1539. 					task->task_pool);

  1540. 

  1541. 			/* Here we prefer multipart content-type or any content-type */

  1542. 			if (ct) {

  1543. 				if (sel == NULL) {

  1544. 					sel = ct;

  1545. 				}

  1546. 				else if (ct->flags & RSPAMD_CONTENT_TYPE_MULTIPART) {

  1547. 					sel = ct;

  1548. 				}

  1549. 			}

  1550. 		}

  1551. 	}

  1552. 

  1553. 	if (sel == NULL) {

  1554. 		/* For messages we automatically assume plaintext */

  1555. 		msg_info_task ("cannot find content-type for a message, assume text/plain");

  1556. 		sel = rspamd_mempool_alloc0 (task->task_pool, sizeof (*sel));

  1557. 		sel->flags = RSPAMD_CONTENT_TYPE_TEXT|RSPAMD_CONTENT_TYPE_MISSING;

  1558. 		RSPAMD_FTOK_ASSIGN (&sel->type, "text");

  1559. 		RSPAMD_FTOK_ASSIGN (&sel->subtype, "plain");

  1560. 	}

  1561. 

  1562. 	npart->ct = sel;

  1563. 

  1564. 	if ((part == NULL || nst != st) &&

  1565. 			(sel->flags & (RSPAMD_CONTENT_TYPE_MULTIPART|RSPAMD_CONTENT_TYPE_MESSAGE))) {

  1566. 		/* Not a trivial message, need to preprocess */

  1567. 		rspamd_mime_preprocess_message (task, npart, nst);

  1568. 	}

  1569. 

  1570. 	if (sel->flags & RSPAMD_CONTENT_TYPE_MULTIPART) {

  1571. 		g_ptr_array_add (nst->stack, npart);

  1572. 		nst->nesting ++;

  1573. 		npart->part_type = RSPAMD_MIME_PART_MULTIPART;

  1574. 		npart->specific.mp = rspamd_mempool_alloc0 (task->task_pool,

  1575. 				sizeof (struct rspamd_mime_multipart));

  1576. 		memcpy (&npart->specific.mp->boundary, &sel->orig_boundary,

  1577. 				sizeof (rspamd_ftok_t));

  1578. 		ret = rspamd_mime_parse_multipart_part (task, npart, nst, err);

  1579. 	}

  1580. 	else if (sel->flags & RSPAMD_CONTENT_TYPE_MESSAGE) {

  1581. 		if ((ret = rspamd_mime_parse_normal_part (task, npart, nst, sel, err))

  1582. 			== RSPAMD_MIME_PARSE_OK) {

  1583. 			npart->part_type = RSPAMD_MIME_PART_MESSAGE;

  1584. 			ret = rspamd_mime_parse_message (task, npart, nst, err);

  1585. 		}

  1586. 	}

  1587. 	else {

  1588. 		ret = rspamd_mime_parse_normal_part (task, npart, nst, sel, err);

  1589. 	}

  1590. 

  1591. 	if (ret != RSPAMD_MIME_PARSE_OK) {

  1592. 		return ret;

  1593. 	}

  1594. 

  1595. 	if (part && st->stack->len > 0) {

  1596. 		/* Remove message part from the parent stack */

  1597. 		g_ptr_array_remove_index_fast (st->stack, st->stack->len - 1);

  1598. 		st->nesting --;

  1599. 	}

  1600. 

  1601. 	/* Process leftovers for boundaries */

  1602. 	if (nst->boundaries) {

  1603. 		struct rspamd_mime_boundary *boundary, *start_boundary = NULL,

  1604. 				*end_boundary = NULL;

  1605. 		goffset cur_offset = nst->pos - nst->start,

  1606. 			end_offset = st->end - st->start;

  1607. 		guint sel_idx = 0;

  1608. 

  1609. 		for (;;) {

  1610. 			start_boundary = NULL;

  1611. 

  1612. 			for (i = sel_idx; i < nst->boundaries->len; i++) {

  1613. 				boundary = &g_array_index (nst->boundaries,

  1614. 						struct rspamd_mime_boundary, i);

  1615. 

  1616. 				if (boundary->start > cur_offset &&

  1617. 					boundary->boundary < end_offset &&

  1618. 					!RSPAMD_BOUNDARY_IS_CLOSED (boundary)) {

  1619. 					start_boundary = boundary;

  1620. 					sel_idx = i;

  1621. 					break;

  1622. 				}

  1623. 			}

  1624. 

  1625. 			if (start_boundary) {

  1626. 				const gchar *start, *end;

  1627. 

  1628. 				if (nst->boundaries->len > sel_idx + 1) {

  1629. 					end_boundary = &g_array_index (nst->boundaries,

  1630. 							struct rspamd_mime_boundary, sel_idx + 1);

  1631. 					end = nst->start + end_boundary->boundary;

  1632. 				}

  1633. 				else {

  1634. 					end = nst->end;

  1635. 				}

  1636. 

  1637. 				sel_idx ++;

  1638. 

  1639. 				start = nst->start + start_boundary->start;

  1640. 

  1641. 				if (end > start &&

  1642. 					(ret = rspamd_mime_process_multipart_node (task, nst,

  1643. 						NULL, start, end, FALSE, err)) != RSPAMD_MIME_PARSE_OK) {

  1644. 

  1645. 					if (nst != st) {

  1646. 						rspamd_mime_parse_stack_free (nst);

  1647. 					}

  1648. 

  1649. 					if (ret == RSPAMD_MIME_PARSE_NO_PART) {

  1650. 						return RSPAMD_MIME_PARSE_OK;

  1651. 					}

  1652. 

  1653. 					return ret;

  1654. 				}

  1655. 			}

  1656. 			else {

  1657. 				break;

  1658. 			}

  1659. 		}

  1660. 	}

  1661. 

  1662. 	if (nst != st) {

  1663. 		rspamd_mime_parse_stack_free (nst);

  1664. 	}

  1665. 

  1666. 	return ret;

  1667. }

  1668. 

  1669. enum rspamd_mime_parse_error

  1670. rspamd_mime_parse_task (struct rspamd_task *task, GError **err)

  1671. {

  1672. 	struct rspamd_mime_parser_ctx *st;

  1673. 	enum rspamd_mime_parse_error ret = RSPAMD_MIME_PARSE_OK;

  1674. 

  1675. 	if (lib_ctx == NULL) {

  1676. 		rspamd_mime_parser_init_lib ();

  1677. 	}

  1678. 

  1679. 	if (++lib_ctx->key_usages > max_key_usages) {

  1680. 		/* Regenerate siphash key */

  1681. 		ottery_rand_bytes (lib_ctx->hkey, sizeof (lib_ctx->hkey));

  1682. 		lib_ctx->key_usages = 0;

  1683. 	}

  1684. 

  1685. 	st = g_malloc0 (sizeof (*st));

  1686. 	st->stack = g_ptr_array_sized_new (4);

  1687. 	st->pos = MESSAGE_FIELD (task, raw_headers_content).body_start;

  1688. 	st->end = task->msg.begin + task->msg.len;

  1689. 	st->boundaries = g_array_sized_new (FALSE, FALSE,

  1690. 			sizeof (struct rspamd_mime_boundary), 8);

  1691. 	st->task = task;

  1692. 

  1693. 	if (st->pos == NULL) {

  1694. 		st->pos = task->msg.begin;

  1695. 	}

  1696. 

  1697. 	st->start = task->msg.begin;

  1698. 	ret = rspamd_mime_parse_message (task, NULL, st, err);

  1699. 	rspamd_mime_parse_stack_free (st);

  1700. 

  1701. 	return ret;

  1702. }