diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2019-10-16 11:42:48 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2019-10-16 11:42:48 +0100 |
| commit | 16190652c032e771fb2d6677491a1c16762b56ff (patch) | |
| tree | 0ef4927d1232844375d116df12f3489f7228ca05 /src/libmime/archives.c | |
| parent | 52d43acb2cfeeb65c05b9087d7c3e7555a8d04ce (diff) | |
| download | rspamd-16190652c032e771fb2d6677491a1c16762b56ff.tar.gz rspamd-16190652c032e771fb2d6677491a1c16762b56ff.zip | |
[Fix] Fix zip files check to relax requirements
Diffstat (limited to 'src/libmime/archives.c')
| -rw-r--r-- | src/libmime/archives.c | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/src/libmime/archives.c b/src/libmime/archives.c index b1c1624a4..cc81326ec 100644 --- a/src/libmime/archives.c +++ b/src/libmime/archives.c @@ -175,13 +175,13 @@ rspamd_archive_process_zip (struct rspamd_task *task, if (eocd == NULL) { /* Not a zip file */ - msg_debug_archive ("zip archive is invalid (no EOCD)"); + msg_info_task ("zip archive is invalid (no EOCD)"); return; } if (end - eocd < 21) { - msg_debug_archive ("zip archive is invalid (short EOCD)"); + msg_info_task ("zip archive is invalid (short EOCD)"); return; } @@ -193,8 +193,8 @@ rspamd_archive_process_zip (struct rspamd_task *task, cd_offset = GUINT32_FROM_LE (cd_offset); /* We need to check sanity as well */ - if (cd_offset + cd_size != (guint)(eocd - start)) { - msg_debug_archive ("zip archive is invalid (bad size/offset for CD)"); + if (cd_offset + cd_size > (guint)(eocd - start)) { + msg_info_task ("zip archive is invalid (bad size/offset for CD)"); return; } @@ -207,13 +207,13 @@ rspamd_archive_process_zip (struct rspamd_task *task, rspamd_mempool_add_destructor (task->task_pool, rspamd_archive_dtor, arch); - while (cd < eocd) { + while (cd < start + cd_offset + cd_size) { guint16 flags; /* Read central directory record */ if (eocd - cd < cd_basic_len || memcmp (cd, cd_magic, sizeof (cd_magic)) != 0) { - msg_debug_archive ("zip archive is invalid (bad cd record)"); + msg_info_task ("zip archive is invalid (bad cd record)"); return; } @@ -232,7 +232,7 @@ rspamd_archive_process_zip (struct rspamd_task *task, comment_len = GUINT16_FROM_LE (comment_len); if (cd + fname_len + comment_len + extra_len + cd_basic_len > eocd) { - msg_debug_archive ("zip archive is invalid (too large cd record)"); + msg_info_task ("zip archive is invalid (too large cd record)"); return; } @@ -1892,6 +1892,14 @@ rspamd_archive_cheat_detect (struct rspamd_mime_part *part, const gchar *str, } } } + else { + if (magic_start != NULL) { + if (part->parsed_data.len > magic_len && + memcmp (part->parsed_data.begin, magic_start, magic_len) == 0) { + return TRUE; + } + } + } return FALSE; } @@ -1927,8 +1935,12 @@ rspamd_archives_process (struct rspamd_task *task) } if (IS_CT_TEXT (part->ct) && - (part->flags & RSPAMD_MIME_PART_ARCHIVE)) { - msg_info_task ("found archive with incorrect content-type: %T/%T", + (part->flags & RSPAMD_MIME_PART_ARCHIVE) && + part->specific.arch) { + struct rspamd_archive *arch = part->specific.arch; + + msg_info_task ("found %s archive with incorrect content-type: %T/%T", + rspamd_archive_type_str (arch->type), &part->ct->type, &part->ct->subtype); part->ct->flags |= RSPAMD_CONTENT_TYPE_BROKEN; } |