diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2017-02-22 16:41:15 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2017-02-22 16:41:37 +0000 |
commit | 8c60c92bb97e9904164f5edafe32fd2a66789624 (patch) | |
tree | 1c7196cca1c42fba5624b0538f7ce23a48dd01f4 /src/libmime/mime_parser.c | |
parent | f73f35e9f28fae04f08c2c0a7d574a70bb20d443 (diff) | |
download | rspamd-8c60c92bb97e9904164f5edafe32fd2a66789624.tar.gz rspamd-8c60c92bb97e9904164f5edafe32fd2a66789624.zip |
[CritFix] Fix parsing of boundaries that end with `--`
Diffstat (limited to 'src/libmime/mime_parser.c')
-rw-r--r-- | src/libmime/mime_parser.c | 34 |
1 files changed, 28 insertions, 6 deletions
diff --git a/src/libmime/mime_parser.c b/src/libmime/mime_parser.c index 7061bc429..b445144e7 100644 --- a/src/libmime/mime_parser.c +++ b/src/libmime/mime_parser.c @@ -566,6 +566,7 @@ rspamd_multipart_boundaries_filter (struct rspamd_task *task, else if (cb->bhash == cur->closed_hash) { /* Not a closing element in fact */ cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED); + cur->hash = cur->closed_hash; sel = i; break; } @@ -591,12 +592,18 @@ rspamd_multipart_boundaries_filter (struct rspamd_task *task, break; } - if (cur->hash == cb->bhash) { + if (cur->hash == cb->bhash || cur->closed_hash == cb->bhash) { if (!rspamd_mime_parse_multipart_cb (task, multipart, st, cb, cur)) { return FALSE; } + if (cur->closed_hash == cb->bhash) { + /* We have again fake closed hash */ + cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED); + cur->hash = cur->closed_hash; + } + if (RSPAMD_BOUNDARY_IS_CLOSED (cur)) { /* We also might check the next boundary... */ if (i < st->boundaries->len - 1) { @@ -606,6 +613,12 @@ rspamd_multipart_boundaries_filter (struct rspamd_task *task, if (cur->hash == cb->bhash) { continue; } + else if (cur->closed_hash == cb->bhash) { + /* We have again fake closed hash */ + cur->flags &= ~(RSPAMD_MIME_BOUNDARY_FLAG_CLOSED); + cur->hash = cur->closed_hash; + continue; + } } break; @@ -729,16 +742,24 @@ rspamd_mime_preprocess_cb (struct rspamd_multipattern *mp, b.boundary = p - st->start - 3; b.start = bend - st->start; - lc_copy = g_malloc (blen); - memcpy (lc_copy, p, blen); - rspamd_str_lc (lc_copy, blen); + if (closing) { + lc_copy = g_malloc (blen + 2); + memcpy (lc_copy, p, blen + 2); + rspamd_str_lc (lc_copy, blen + 2); + } + else { + lc_copy = g_malloc (blen); + memcpy (lc_copy, p, blen); + rspamd_str_lc (lc_copy, blen); + } + rspamd_cryptobox_siphash ((guchar *)&b.hash, lc_copy, blen, lib_ctx->hkey); - g_free (lc_copy); if (closing) { b.flags = RSPAMD_MIME_BOUNDARY_FLAG_CLOSED; - rspamd_cryptobox_siphash ((guchar *)&b.closed_hash, p, blen + 2, + rspamd_cryptobox_siphash ((guchar *)&b.closed_hash, lc_copy, + blen + 2, lib_ctx->hkey); } else { @@ -746,6 +767,7 @@ rspamd_mime_preprocess_cb (struct rspamd_multipattern *mp, b.closed_hash = 0; } + g_free (lc_copy); g_array_append_val (st->boundaries, b); } } |