author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2019-02-21 13:06:35 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2019-02-21 13:06:35 +0000 |
commit | 1c54d4c494b15fc5285417f9247ca05ea061d487 (patch) | |
tree | 8703a843a1819c0edec4373a01813fbd97ef3bc8 | |
parent | 2ded1a6c4556a6ee20620df1416ca53253cdc773 (diff) | |
[Fix] Add filter for absurdic URLs
-rw-r--r-- | src/libserver/html.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/src/libserver/html.c b/src/libserver/html.c
index c33aacf82..de632201c 100644
--- a/src/libserver/html.c
+++ b/src/libserver/html.c
@@ -1346,7 +1346,7 @@ rspamd_html_process_url (rspamd_mempool_t *pool, const gchar *start, guint len,
 }
 }
- if (memchr (s, ':', len) == NULL) {
+ if (rspamd_substring_search (start, len, "://", 3) == -1) {
 /* We have no prefix */
 dlen += sizeof ("http://") - 1;
 no_prefix = TRUE;
@@ -1361,9 +1361,25 @@ rspamd_html_process_url (rspamd_mempool_t *pool, const gchar *start, guint len,
 memcpy (d, "http:", sizeof ("http:") - 1);
 d += sizeof ("http:") - 1;
 }
+ else if (s[0] == '\\' && (len > 2 && s[1] == '\\')) {
+ /* Likely SMB share, ignore */
+ return NULL;
+ }
 else {
- memcpy (d, "http://", sizeof ("http://") - 1);
- d += sizeof ("http://") - 1;
+ if (s[0] == '.') {
+ /*
+ * We have relative URL without base URL:
+ * the former is covered by caller function which
+ * checks for the base URL.
+ *
+ * In the most cases, it is caused by a broken client
+ */
+ return NULL;
+ }
+ else if ((s[0] & 0x80) || g_ascii_isalnum (s[0])) {
+ memcpy (d, "http://", sizeof ("http://") - 1);
+ d += sizeof ("http://") - 1;
+ }
 }
 }
|
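Review bot: The new test `rspamd_substring_search (start, len, "://", 3) == -1` classifies every scheme written without slashes as having no prefix, so a value such as `mailto:user@example.com` (constructed example) now takes the no-prefix path and, since it starts with an alphanumeric byte, would apparently get `http://` prepended by the branch in the later hunk. If such schemes are not filtered out before this point (the earlier part of the function is outside the hunk), an explicit exclusion for the slash-less schemes the parser is meant to accept belongs ahead of this test, with a comment naming them. The call also searches from `start` where the old `memchr` searched from `s`, with the same `len`; if `s` has been advanced past `start` by then, the searched window no longer matches the bytes later indexed as `s[0]`, and `rspamd_substring_search (s, len, "://", 3)` looks like the intended form.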
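Review bot: `s[0]` is read in three new conditions (`s[0] == '\\'`, `s[0] == '.'`, `s[0] & 0x80`) before any length test, and `len > 2` is evaluated only after the first of those reads; unless a check outside this hunk guarantees `len > 0`, an empty value reads past the input. Putting the bound first costs nothing: `else if (len > 2 && s[0] == '\\' && s[1] == '\\') {`. The inner `else if` also has no final branch, so a string starting with any other byte continues with `no_prefix` set and `dlen` already enlarged but no scheme copied into `d`; either a closing `else { return NULL; }` or a comment explaining why such a value is kept would make the filter's intent explicit. The enclosing function starts and ends outside the hunk.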