diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-12-30 16:46:37 +0000 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-12-30 16:46:37 +0000 |
| commit | c90979e9ee739f6584cf732c45e1b5fb7c641b1c (patch) | |
| tree | d0dc4ae70bd2afc17fe53ccd0766addbfe741a69 /src/libmime/mime_parser.c | |
| parent | 3a98d054f54cd3f558dc3596fdde46d7c456d0fc (diff) | |
| download | rspamd-c90979e9ee739f6584cf732c45e1b5fb7c641b1c.tar.gz rspamd-c90979e9ee739f6584cf732c45e1b5fb7c641b1c.zip | |
[Feature] Do not trust CTE, check base64 and qp strictly
Diffstat (limited to 'src/libmime/mime_parser.c')
| -rw-r--r-- | src/libmime/mime_parser.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/src/libmime/mime_parser.c b/src/libmime/mime_parser.c index 777ef074c..000cc2d92 100644 --- a/src/libmime/mime_parser.c +++ b/src/libmime/mime_parser.c @@ -145,7 +145,7 @@ rspamd_mime_parse_cte (const gchar *in, gsize len) return ret; } -static void +static enum rspamd_cte rspamd_mime_part_get_cte_heuristic (struct rspamd_task *task, struct rspamd_mime_part *part) { @@ -192,8 +192,8 @@ rspamd_mime_part_get_cte_heuristic (struct rspamd_task *task, ret = RSPAMD_CTE_8BIT; } - part->cte = ret; msg_debug_mime ("detected cte: %s", rspamd_cte_to_string (ret)); + return ret; } static void @@ -209,7 +209,8 @@ rspamd_mime_part_get_cte (struct rspamd_task *task, struct rspamd_mime_part *par "Content-Transfer-Encoding", FALSE); if (hdrs == NULL) { - rspamd_mime_part_get_cte_heuristic (task, part); + part->cte = rspamd_mime_part_get_cte_heuristic (task, part); + part->flags |= RSPAMD_MIME_PART_BAD_CTE; } else { for (i = 0; i < hdrs->len; i ++) { @@ -221,15 +222,27 @@ rspamd_mime_part_get_cte (struct rspamd_task *task, struct rspamd_mime_part *par cte = rspamd_mime_parse_cte (hdr->value, hlen); if (cte != RSPAMD_CTE_UNKNOWN) { + part->cte = cte; break; } } - if (cte == RSPAMD_CTE_UNKNOWN) { - rspamd_mime_part_get_cte_heuristic (task, part); + if (part->cte == RSPAMD_CTE_UNKNOWN) { + part->cte = rspamd_mime_part_get_cte_heuristic (task, part); + } + else if (part->cte == RSPAMD_CTE_B64 || part->cte == RSPAMD_CTE_QP) { + /* Additionally check sanity */ + cte = rspamd_mime_part_get_cte_heuristic (task, part); + + if (cte != part->cte) { + msg_info_task ("incorrect cte specified for part: %s, %s detected", + rspamd_cte_to_string (part->cte), + rspamd_cte_to_string (cte)); + part->cte = cte; + part->flags |= RSPAMD_MIME_PART_BAD_CTE; + } } else { - part->cte = cte; msg_debug_mime ("processed cte: %s", rspamd_cte_to_string (cte)); } } |