aboutsummaryrefslogtreecommitdiffstats
path: root/src/libmime
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2016-12-30 16:46:37 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2016-12-30 16:46:37 +0000
commitc90979e9ee739f6584cf732c45e1b5fb7c641b1c (patch)
treed0dc4ae70bd2afc17fe53ccd0766addbfe741a69 /src/libmime
parent3a98d054f54cd3f558dc3596fdde46d7c456d0fc (diff)
downloadrspamd-c90979e9ee739f6584cf732c45e1b5fb7c641b1c.tar.gz
rspamd-c90979e9ee739f6584cf732c45e1b5fb7c641b1c.zip
[Feature] Do not trust CTE, check base64 and qp strictly
Diffstat (limited to 'src/libmime')
-rw-r--r--src/libmime/message.h3
-rw-r--r--src/libmime/mime_parser.c25
2 files changed, 21 insertions, 7 deletions
diff --git a/src/libmime/message.h b/src/libmime/message.h
index c4f0e7a8e..2e0bd6bd5 100644
--- a/src/libmime/message.h
+++ b/src/libmime/message.h
@@ -23,7 +23,8 @@ enum rspamd_mime_part_flags {
RSPAMD_MIME_PART_TEXT = (1 << 0),
RSPAMD_MIME_PART_ATTACHEMENT = (1 << 1),
RSPAMD_MIME_PART_IMAGE = (1 << 2),
- RSPAMD_MIME_PART_ARCHIVE = (1 << 3)
+ RSPAMD_MIME_PART_ARCHIVE = (1 << 3),
+ RSPAMD_MIME_PART_BAD_CTE = (1 << 4)
};
enum rspamd_cte {
diff --git a/src/libmime/mime_parser.c b/src/libmime/mime_parser.c
index 777ef074c..000cc2d92 100644
--- a/src/libmime/mime_parser.c
+++ b/src/libmime/mime_parser.c
@@ -145,7 +145,7 @@ rspamd_mime_parse_cte (const gchar *in, gsize len)
return ret;
}
-static void
+static enum rspamd_cte
rspamd_mime_part_get_cte_heuristic (struct rspamd_task *task,
struct rspamd_mime_part *part)
{
@@ -192,8 +192,8 @@ rspamd_mime_part_get_cte_heuristic (struct rspamd_task *task,
ret = RSPAMD_CTE_8BIT;
}
- part->cte = ret;
msg_debug_mime ("detected cte: %s", rspamd_cte_to_string (ret));
+ return ret;
}
static void
@@ -209,7 +209,8 @@ rspamd_mime_part_get_cte (struct rspamd_task *task, struct rspamd_mime_part *par
"Content-Transfer-Encoding", FALSE);
if (hdrs == NULL) {
- rspamd_mime_part_get_cte_heuristic (task, part);
+ part->cte = rspamd_mime_part_get_cte_heuristic (task, part);
+ part->flags |= RSPAMD_MIME_PART_BAD_CTE;
}
else {
for (i = 0; i < hdrs->len; i ++) {
@@ -221,15 +222,27 @@ rspamd_mime_part_get_cte (struct rspamd_task *task, struct rspamd_mime_part *par
cte = rspamd_mime_parse_cte (hdr->value, hlen);
if (cte != RSPAMD_CTE_UNKNOWN) {
+ part->cte = cte;
break;
}
}
- if (cte == RSPAMD_CTE_UNKNOWN) {
- rspamd_mime_part_get_cte_heuristic (task, part);
+ if (part->cte == RSPAMD_CTE_UNKNOWN) {
+ part->cte = rspamd_mime_part_get_cte_heuristic (task, part);
+ }
+ else if (part->cte == RSPAMD_CTE_B64 || part->cte == RSPAMD_CTE_QP) {
+ /* Additionally check sanity */
+ cte = rspamd_mime_part_get_cte_heuristic (task, part);
+
+ if (cte != part->cte) {
+ msg_info_task ("incorrect cte specified for part: %s, %s detected",
+ rspamd_cte_to_string (part->cte),
+ rspamd_cte_to_string (cte));
+ part->cte = cte;
+ part->flags |= RSPAMD_MIME_PART_BAD_CTE;
+ }
}
else {
- part->cte = cte;
msg_debug_mime ("processed cte: %s", rspamd_cte_to_string (cte));
}
}