commit 4e00e9f: [Minor] mime_types - add filename whitelist
Carsten Rosenberg
c.rosenberg at heinlein-support.de
Wed Jan 30 13:07:03 UTC 2019
Author: Carsten Rosenberg
Date: 2019-01-29 20:22:41 +0100
URL: https://github.com/rspamd/rspamd/commit/4e00e9f13988ad1fb7d9868810f8c04fb2834b9c (refs/pull/2735/head)
[Minor] mime_types - add filename whitelist
---
src/plugins/lua/mime_types.lua | 11 +++++++++++
test/functional/cases/105_mimetypes.robot | 6 ++++++
test/functional/configs/maps/mime_types.wl | 1 +
test/functional/configs/mime_types.conf | 1 +
test/functional/messages/exe_attm.eml | 22 ++++++++++++++++++++++
5 files changed, 41 insertions(+)
diff --git a/src/plugins/lua/mime_types.lua b/src/plugins/lua/mime_types.lua
index d53250510..f0cc0f2dc 100644
--- a/src/plugins/lua/mime_types.lua
+++ b/src/plugins/lua/mime_types.lua
@@ -22,6 +22,7 @@ end
local logger = require "rspamd_logger"
local lua_util = require "lua_util"
local rspamd_util = require "rspamd_util"
+local lua_maps = require "lua_maps"
local N = "mime_types"
local settings = {
file = '',
@@ -845,6 +846,13 @@ local function check_mime_type(task)
-- Replace potentially bad characters with '?'
fname = fname:gsub('[^%s%g]', '?')
+ -- Check file is in filename whitelist
+ if settings.filename_whitelist:get_key(fname) then
+ logger.debugm("mime_types", task, "skip checking of %s - file is in filename whitelist",
+ fname)
+ return
+ end
+
local ext,ext2,parts = gen_extension(fname)
-- ext is the last extension, LOWERCASED
-- ext2 is the one before last extension LOWERCASED
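Review bot: `settings.filename_whitelist:get_key(fname)` is called without checking that the map object exists. The option is optional, so if `lua_maps.rspamd_map_add` returns nil when `filename_whitelist` is not configured (which is how it appears to behave), this line raises an error for every attachment and none of the later extension checks run. Guard the lookup: `if settings.filename_whitelist and settings.filename_whitelist:get_key(fname) then`. Because the match is made on the sender-supplied name alone and the early `return` skips everything below it for that file, a comment such as `-- name-only match: a whitelisted name bypasses all extension checks below` would make the trade-off explicit. The enclosing function starts and ends outside this hunk.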
@@ -1073,6 +1081,9 @@ if opts then
settings[k] = v
end
+ settings.filename_whitelist = lua_maps.rspamd_map_add('mime_types', 'filename_whitelist', 'regexp',
+ 'filename whitelist')
+
local function change_extension_map_entry(ext, ct, mult)
if type(ct) == 'table' then
local tbl = {}
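Review bot: The map is registered with type `regexp`, and nothing at the registration tells an operator that entries are patterns rather than literal names. An unanchored entry would presumably also match longer attachment names that merely contain it, which widens the bypass beyond what was intended. Add a comment like `-- entries are regexps matched against the sanitised attachment name; anchor them with ^...$`, as the test map in this commit does. As a style point, reuse the module constant instead of repeating the literal: `lua_maps.rspamd_map_add(N, 'filename_whitelist', 'regexp', 'filename whitelist')`. The same applies to the `"mime_types"` literal in the `logger.debugm` call in the check_mime_type hunk. The surrounding `if opts then` block continues outside this hunk.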
diff --git a/test/functional/cases/105_mimetypes.robot b/test/functional/cases/105_mimetypes.robot
index 54a9cb4bb..b9efd3e3c 100644
--- a/test/functional/cases/105_mimetypes.robot
+++ b/test/functional/cases/105_mimetypes.robot
@@ -55,6 +55,12 @@ Multipart Archive Extension
${result} = Scan Message With Rspamc ${TESTDIR}/messages/f.zip.001.eml
Should Not Contain ${result.stdout} MIME_ARCHIVE_IN_ARCHIVE
+Exe file, but name in filename_whitelist
+ ${result} = Scan Message With Rspamc ${TESTDIR}/messages/exe_attm.eml
+ Should Not Contain ${result.stdout} MIME_BAD_EXTENSION
+ Should Not Contain ${result.stdout} MIME_BAD_ATTACHMENT
+ Should Not Contain ${result.stdout} MIME_DOUBLE_BAD_EXTENSION
+
Empty text part should not be treat as html
${result} = Scan Message With Rspamc ${TESTDIR}/messages/empty-plain-text.eml
Should Not Contain ${result.stdout} FORGED_OUTLOOK_HTML
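Review bot: The new case only asserts that the whitelisted name produces none of the three symbols. Nothing in this hunk checks that a near-miss name (for example a constructed `xhello_world.exe` or `hello_world.exe.exe`) still yields `MIME_BAD_EXTENSION` with the whitelist loaded. A whitelist bug fails open, so a companion negative case next to this one would catch an over-matching pattern or a lookup that always succeeds.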
diff --git a/test/functional/configs/maps/mime_types.wl b/test/functional/configs/maps/mime_types.wl
new file mode 100644
index 000000000..eca07bddc
--- /dev/null
+++ b/test/functional/configs/maps/mime_types.wl
@@ -0,0 +1 @@
+/^hello_world\.exe$/
diff --git a/test/functional/configs/mime_types.conf b/test/functional/configs/mime_types.conf
index a16434b6a..e28feba98 100644
--- a/test/functional/configs/mime_types.conf
+++ b/test/functional/configs/mime_types.conf
@@ -15,4 +15,5 @@ mime_types {
"application/pdf",
]
}
+ filename_whitelist = "${TESTDIR}/configs/maps/mime_types.wl";
}
diff --git a/test/functional/messages/exe_attm.eml b/test/functional/messages/exe_attm.eml
new file mode 100644
index 000000000..2ab0e9420
--- /dev/null
+++ b/test/functional/messages/exe_attm.eml
@@ -0,0 +1,22 @@
+Return-Path: <root at srv.example.com>
+To: test at example.com
+From: root at srv.example.com
+Subject: test Sat, 26 Jan 2019 12:04:58 +0100
+Message-Id: <20190126120458.015328 at srv.example.com>
+Date: Sat, 26 Jan 2019 12:04:58 +0100
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="----=_MIME_BOUNDARY_000_15328"
+
+------=_MIME_BOUNDARY_000_15328
+Content-Type: text/plain
+
+This is a test mailing
+------=_MIME_BOUNDARY_000_15328
+Content-Type: application/octet-stream; name="hello_world.exe"
+Content-Description: hello_world.exe
+Content-Disposition: attachment; filename="hello_world.exe"
+Content-Transfer-Encoding: BASE64
+
+f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAAUBAAAAAAAABAAAAAAAAAAGA5AAAAAAAAAAAAAEAAOAAL
+
+------=_MIME_BOUNDARY_000_15328--