X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=src%2Fsrc%2Fmime.c;h=3a30e6e4c7916715a60fcb2f62fde16c73a2c232;hp=618364a3ecbbde1bcc0de6e4e63518c08fdf86b1;hb=f4bb363fd4d29d2fae5e6abd006c6e078679c987;hpb=3386088d5af4d4c61faa12ae29560e2c5bd43304 diff --git a/src/src/mime.c b/src/src/mime.c index 618364a3e..3a30e6e4c 100644 --- a/src/src/mime.c +++ b/src/src/mime.c @@ -2,8 +2,10 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) Tom Kistner 2004, 2015 */ -/* License: GPL */ +/* Copyright (c) Tom Kistner 2004, 2015 + * License: GPL + * Copyright (c) The Exim Maintainers 2016 + */ #include "exim.h" #ifdef WITH_CONTENT_SCAN /* entire file */ @@ -13,19 +15,43 @@ FILE *mime_stream = NULL; uschar *mime_current_boundary = NULL; +static mime_header mime_header_list[] = { + { US"content-type:", 13, &mime_content_type }, + { US"content-disposition:", 20, &mime_content_disposition }, + { US"content-transfer-encoding:", 26, &mime_content_transfer_encoding }, + { US"content-id:", 11, &mime_content_id }, + { US"content-description:", 20, &mime_content_description } +}; + +static int mime_header_list_size = nelem(mime_header_list); + +static mime_parameter mime_parameter_list[] = { + { US"name=", 5, &mime_filename }, + { US"filename=", 9, &mime_filename }, + { US"charset=", 8, &mime_charset }, + { US"boundary=", 9, &mime_boundary } +}; + + /************************************************* * set MIME anomaly level + text * *************************************************/ /* Small wrapper to set the two expandables which give info on detected "problems" in MIME - encodings. Those are defined in mime.h. */ + encodings. Indexes are defined in mime.h. */ -static void -mime_set_anomaly(int level, const char *text) +void +mime_set_anomaly(int idx) { - mime_anomaly_level = level; - mime_anomaly_text = CUS text; +struct anom { + int level; + const uschar * text; +} anom[] = { {1, CUS"Broken Quoted-Printable encoding detected"}, + {2, CUS"Broken BASE64 encoding detected"} }; + +mime_anomaly_level = anom[idx].level; +mime_anomaly_text = anom[idx].text; } @@ -99,84 +125,6 @@ mime_decode_asis(FILE* in, FILE* out, uschar* boundary) } -/* decode base64 MIME part */ -static ssize_t -mime_decode_base64(FILE* in, FILE* out, uschar* boundary) -{ - uschar ibuf[MIME_MAX_LINE_LENGTH], obuf[MIME_MAX_LINE_LENGTH]; - uschar *ipos, *opos; - ssize_t len, size = 0; - int bytestate = 0; - - opos = obuf; - - while (Ufgets(ibuf, MIME_MAX_LINE_LENGTH, in) != NULL) - { - if (boundary != NULL - && Ustrncmp(ibuf, "--", 2) == 0 - && Ustrncmp((ibuf+2), boundary, Ustrlen(boundary)) == 0 - ) - break; - - for (ipos = ibuf ; *ipos != '\r' && *ipos != '\n' && *ipos != 0; ++ipos) - { - if (*ipos == '=') /* skip padding */ - { - ++bytestate; - continue; - } - if (mime_b64[*ipos] == 128) /* skip bad characters */ - { - mime_set_anomaly(MIME_ANOMALY_BROKEN_BASE64); - continue; - } - - /* simple state-machine */ - switch((bytestate++) & 3) - { - case 0: - *opos = mime_b64[*ipos] << 2; - break; - case 1: - *opos |= mime_b64[*ipos] >> 4; - ++opos; - *opos = mime_b64[*ipos] << 4; - break; - case 2: - *opos |= mime_b64[*ipos] >> 2; - ++opos; - *opos = mime_b64[*ipos] << 6; - break; - case 3: - *opos |= mime_b64[*ipos]; - ++opos; - break; - } /* switch */ - } /* for */ - - /* something to write? */ - len = opos - obuf; - if (len > 0) - { - if (fwrite(obuf, 1, len, out) != len) return -1; /* error */ - size += len; - /* copy incomplete last byte to start of obuf, where we continue */ - if ((bytestate & 3) != 0) - *obuf = *opos; - opos = obuf; - } - } /* while */ - - /* write out last byte if it was incomplete */ - if (bytestate & 3) - { - if (fwrite(obuf, 1, 1, out) != 1) return -1; - ++size; - } - - return size; -} - /* decode quoted-printable MIME part */ static ssize_t @@ -209,24 +157,16 @@ while (fgets(CS ibuf, MIME_MAX_LINE_LENGTH, in) != NULL) { /* Error from decoder. ipos is unchanged. */ mime_set_anomaly(MIME_ANOMALY_BROKEN_QP); - *opos = '='; - ++opos; + *opos++ = '='; ++ipos; } else if (decode_qp_result == -1) break; else if (decode_qp_result >= 0) - { - *opos = decode_qp_result; - ++opos; - } + *opos++ = decode_qp_result; } else - { - *opos = *ipos; - ++opos; - ++ipos; - } + *opos++ = *ipos++; } /* something to write? */ len = opos - obuf; @@ -240,21 +180,17 @@ return size; } +/* + * Return open filehandle for combo of path and file. + * Side-effect: set mime_decoded_filename, to copy in allocated mem + */ static FILE * mime_get_decode_file(uschar *pname, uschar *fname) { -FILE *f = NULL; -uschar *filename; - -filename = (uschar *)malloc(2048); - if (pname && fname) - { - (void)string_format(filename, 2048, "%s/%s", pname, fname); - f = modefopen(filename,"wb+",SPOOL_MODE); - } + mime_decoded_filename = string_sprintf("%s/%s", pname, fname); else if (!pname) - f = modefopen(fname,"wb+",SPOOL_MODE); + mime_decoded_filename = string_copy(fname); else if (!fname) { int file_nr = 0; @@ -264,21 +200,15 @@ else if (!fname) do { struct stat mystat; - (void)string_format(filename, 2048, - "%s/%s-%05u", pname, message_id, file_nr++); + mime_decoded_filename = string_sprintf("%s/%s-%05u", pname, message_id, file_nr++); /* security break */ if (file_nr >= 1024) break; - result = stat(CS filename, &mystat); + result = stat(CS mime_decoded_filename, &mystat); } while(result != -1); - - f = modefopen(filename, "wb+", SPOOL_MODE); } -/* set expansion variable */ -mime_decoded_filename = filename; - -return f; +return modefopen(mime_decoded_filename, "wb+", SPOOL_MODE); } @@ -295,11 +225,9 @@ long f_pos = 0; ssize_t size_counter = 0; ssize_t (*decode_function)(FILE*, FILE*, uschar*); -if (mime_stream == NULL) +if (!mime_stream || (f_pos = ftell(mime_stream)) < 0) return FAIL; -f_pos = ftell(mime_stream); - /* build default decode path (will exist since MBOX must be spooled up) */ (void)string_format(decode_path,1024,"%s/scan/%s",spool_directory,message_id); @@ -309,7 +237,7 @@ if ((option = string_nextinlist(&list, &sep, sizeof(option_buffer))) != NULL) { /* parse 1st option */ - if ( (Ustrcmp(option,"false") == 0) || (Ustrcmp(option,"0") == 0) ) + if ((Ustrcmp(option,"false") == 0) || (Ustrcmp(option,"0") == 0)) /* explicitly no decoding */ return FAIL; @@ -358,7 +286,8 @@ decode_function = size_counter = decode_function(mime_stream, decode_file, mime_current_boundary); clearerr(mime_stream); -fseek(mime_stream, f_pos, SEEK_SET); +if (fseek(mime_stream, f_pos, SEEK_SET)) + return DEFER; if (fclose(decode_file) != 0 || size_counter < 0) return DEFER; @@ -509,18 +438,18 @@ uschar * s = *sp; uschar * val = NULL; int size = 0, ptr = 0; -/* debug_printf(" considering paramval '%s'\n", s); */ +/* debug_printf_indent(" considering paramval '%s'\n", s); */ while (*s && *s != ';') /* ; terminates */ if (*s == '"') { s++; /* skip opening " */ while (*s && *s != '"') /* " protects ; */ - val = string_cat(val, &size, &ptr, s++, 1); + val = string_catn(val, &size, &ptr, s++, 1); if (*s) s++; /* skip closing " */ } else - val = string_cat(val, &size, &ptr, s++, 1); + val = string_catn(val, &size, &ptr, s++, 1); if (val) val[ptr] = '\0'; *sp = s; return val; @@ -547,23 +476,24 @@ static uschar * rfc2231_to_2047(const uschar * fname, const uschar * charset, int * len) { int size = 0, ptr = 0; -uschar * val = string_cat(NULL, &size, &ptr, US"=?", 2); +uschar * val = string_catn(NULL, &size, &ptr, US"=?", 2); uschar c; -val = string_cat(val, &size, &ptr, charset, Ustrlen(charset)); -val = string_cat(val, &size, &ptr, US"?Q?", 3); +if (charset) + val = string_cat(val, &size, &ptr, charset); +val = string_catn(val, &size, &ptr, US"?Q?", 3); while ((c = *fname)) if (c == '%' && isxdigit(fname[1]) && isxdigit(fname[2])) { - val = string_cat(val, &size, &ptr, US"=", 1); - val = string_cat(val, &size, &ptr, ++fname, 2); + val = string_catn(val, &size, &ptr, US"=", 1); + val = string_catn(val, &size, &ptr, ++fname, 2); fname += 2; } else - val = string_cat(val, &size, &ptr, fname++, 1); + val = string_catn(val, &size, &ptr, fname++, 1); -val = string_cat(val, &size, &ptr, US"?=", 2); +val = string_catn(val, &size, &ptr, US"?=", 2); val[*len = ptr] = '\0'; return val; } @@ -607,7 +537,7 @@ while(1) if (!fgets(CS header, MIME_MAX_HEADER_SIZE, f)) { /* Hit EOF or read error. Ugh. */ - DEBUG(D_acl) debug_printf("Hit EOF ...\n"); + DEBUG(D_acl) debug_printf_indent("MIME: Hit EOF ...\n"); return rc; } @@ -619,12 +549,12 @@ while(1) if (Ustrncmp((header+2+Ustrlen(context->boundary)), "--", 2) == 0) { /* END boundary found */ - DEBUG(D_acl) debug_printf("End boundary found %s\n", + DEBUG(D_acl) debug_printf_indent("MIME: End boundary found %s\n", context->boundary); return rc; } - DEBUG(D_acl) debug_printf("Next part with boundary %s\n", + DEBUG(D_acl) debug_printf_indent("MIME: Next part with boundary %s\n", context->boundary); break; } @@ -648,7 +578,7 @@ while(1) for (q = p; *q != ';' && *q; q++) ; *mh->value = string_copynlc(p, q-p); - DEBUG(D_acl) debug_printf("found %s MIME header, value is '%s'\n", + DEBUG(D_acl) debug_printf_indent("MIME: found %s header, value is '%s'\n", mh->name, *mh->value); if (*(p = q)) p++; /* jump past the ; */ @@ -666,7 +596,7 @@ while(1) { mime_parameter * mp; - DEBUG(D_acl) debug_printf(" considering paramlist '%s'\n", p); + DEBUG(D_acl) debug_printf_indent("MIME: considering paramlist '%s'\n", p); if ( !mime_filename && strncmpic(CUS"content-disposition:", header, 20) == 0 @@ -700,22 +630,27 @@ while(1) uschar * s = q; /* look for a ' in the "filename" */ - while(*s != '\'' && *s) s++; /* s is ' or NUL */ + while(*s != '\'' && *s) s++; /* s is 1st ' or NUL */ if ((size = s-q) > 0) - { mime_filename_charset = string_copyn(q, size); - p = s; - while(*p == '\'' && *p) p++; /* p is after ' */ - } + if (*(p = s)) p++; + while(*p == '\'') p++; /* p is after 2nd ' */ } else p = q; + DEBUG(D_acl) debug_printf_indent("MIME: charset %s fname '%s'\n", + mime_filename_charset ? mime_filename_charset : US"", p); + temp_string = rfc2231_to_2047(p, mime_filename_charset, &slen); - temp_string = rfc2047_decode(temp_string, FALSE, NULL, 32, + DEBUG(D_acl) debug_printf_indent("MIME: 2047-name %s\n", temp_string); + + temp_string = rfc2047_decode(temp_string, FALSE, NULL, ' ', NULL, &err_msg); + DEBUG(D_acl) debug_printf_indent("MIME: plain-name %s\n", temp_string); + size = Ustrlen(temp_string); if (size == slen) @@ -749,8 +684,8 @@ while(1) ? rfc2047_decode(q, check_rfc2047_length, NULL, 32, NULL, &dummy_errstr) : NULL; - DEBUG(D_acl) debug_printf( - " found %s MIME parameter in %s header, value '%s'\n", + DEBUG(D_acl) debug_printf_indent( + "MIME: found %s parameter in %s header, value '%s'\n", mp->name, mh->name, *mp->value); break; /* done matching param names */ @@ -767,8 +702,8 @@ while(1) { if (decoding_failed) mime_filename = mime_fname_rfc2231; - DEBUG(D_acl) debug_printf( - " found %s MIME parameter in %s header, value is '%s'\n", + DEBUG(D_acl) debug_printf_indent( + "MIME: found %s parameter in %s header, value is '%s'\n", "filename", mh->name, mime_filename); } } @@ -809,8 +744,9 @@ while(1) (nested_context.boundary != NULL) && (Ustrncmp(mime_content_type,"multipart",9) == 0) ) { - DEBUG(D_acl) debug_printf("Entering multipart recursion, boundary '%s'\n", - nested_context.boundary); + DEBUG(D_acl) + debug_printf_indent("MIME: Entering multipart recursion, boundary '%s'\n", + nested_context.boundary); nested_context.context = context && context->context == MBC_ATTACHMENT @@ -855,7 +791,7 @@ while(1) if (!mime_decoded_filename) /* decoding failed */ { log_write(0, LOG_MAIN, - "mime_regex acl condition warning - could not decode RFC822 MIME part to file."); + "MIME acl condition warning - could not decode RFC822 MIME part to file."); rc = DEFER; goto out; }