aboutsummaryrefslogtreecommitdiffstats
path: root/src/libmime/mime_parser.c
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2017-02-22 16:41:15 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2017-02-22 16:41:37 +0000
commit8c60c92bb97e9904164f5edafe32fd2a66789624 (patch)
tree1c7196cca1c42fba5624b0538f7ce23a48dd01f4 /src/libmime/mime_parser.c
parentf73f35e9f28fae04f08c2c0a7d574a70bb20d443 (diff)
downloadrspamd-8c60c92bb97e9904164f5edafe32fd2a66789624.tar.gz
rspamd-8c60c92bb97e9904164f5edafe32fd2a66789624.zip
[CritFix] Fix parsing of boundaries that end with `--`
Diffstat (limited to 'src/libmime/mime_parser.c')
-rw-r--r--src/libmime/mime_parser.c34
1 files changed, 28 insertions, 6 deletions
diff --git a/src/libmime/mime_parser.c b/src/libmime/mime_parser.c
index 7061bc429..b445144e7 100644
--- a/src/libmime/mime_parser.c
+++ b/src/libmime/mime_parser.c
@@ -566,6 +566,7 @@ rspamd_multipart_boundaries_filter (struct rspamd_task *task,
else if (cb->bhash == cur->closed_hash) {
/* Not a closing element in fact */
cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED);
+ cur->hash = cur->closed_hash;
sel = i;
break;
}
@@ -591,12 +592,18 @@ rspamd_multipart_boundaries_filter (struct rspamd_task *task,
break;
}
- if (cur->hash == cb->bhash) {
+ if (cur->hash == cb->bhash || cur->closed_hash == cb->bhash) {
if (!rspamd_mime_parse_multipart_cb (task, multipart, st,
cb, cur)) {
return FALSE;
}
+ if (cur->closed_hash == cb->bhash) {
+ /* We have again fake closed hash */
+ cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED);
+ cur->hash = cur->closed_hash;
+ }
+
if (RSPAMD_BOUNDARY_IS_CLOSED (cur)) {
/* We also might check the next boundary... */
if (i < st->boundaries->len - 1) {
@@ -606,6 +613,12 @@ rspamd_multipart_boundaries_filter (struct rspamd_task *task,
if (cur->hash == cb->bhash) {
continue;
}
+ else if (cur->closed_hash == cb->bhash) {
+ /* We have again fake closed hash */
+ cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED);
+ cur->hash = cur->closed_hash;
+ continue;
+ }
}
break;
@@ -729,16 +742,24 @@ rspamd_mime_preprocess_cb (struct rspamd_multipattern *mp,
b.boundary = p - st->start - 3;
b.start = bend - st->start;
- lc_copy = g_malloc (blen);
- memcpy (lc_copy, p, blen);
- rspamd_str_lc (lc_copy, blen);
+ if (closing) {
+ lc_copy = g_malloc (blen + 2);
+ memcpy (lc_copy, p, blen + 2);
+ rspamd_str_lc (lc_copy, blen + 2);
+ }
+ else {
+ lc_copy = g_malloc (blen);
+ memcpy (lc_copy, p, blen);
+ rspamd_str_lc (lc_copy, blen);
+ }
+
rspamd_cryptobox_siphash ((guchar *)&b.hash, lc_copy, blen,
lib_ctx->hkey);
- g_free (lc_copy);
if (closing) {
b.flags = RSPAMD_MIME_BOUNDARY_FLAG_CLOSED;
- rspamd_cryptobox_siphash ((guchar *)&b.closed_hash, p, blen + 2,
+ rspamd_cryptobox_siphash ((guchar *)&b.closed_hash, lc_copy,
+ blen + 2,
lib_ctx->hkey);
}
else {
@@ -746,6 +767,7 @@ rspamd_mime_preprocess_cb (struct rspamd_multipattern *mp,
b.closed_hash = 0;
}
+ g_free (lc_copy);
g_array_append_val (st->boundaries, b);
}
}