commit 77d0030: [Minor] Archives: Distinguish compressed headers and encrypted archives
Vsevolod Stakhov
vsevolod at highsecure.ru
Wed May 22 15:56:03 UTC 2019
Author: Vsevolod Stakhov
Date: 2019-05-22 15:06:32 +0100
URL: https://github.com/rspamd/rspamd/commit/77d0030eff22ebed1ab4b3a124142b8fff38fb4a (HEAD -> master)
[Minor] Archives: Distinguish compressed headers and encrypted archives
---
src/libmime/archives.c | 3 ++-
src/libmime/archives.h | 1 +
src/lua/lua_task.c | 18 ++++++++++++++++++
src/plugins/lua/mime_types.lua | 11 +++++++++--
4 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/src/libmime/archives.c b/src/libmime/archives.c
index 9c0336ac8..c19991eb6 100644
--- a/src/libmime/archives.c
+++ b/src/libmime/archives.c
@@ -1590,7 +1590,8 @@ rspamd_7zip_read_next_section (struct rspamd_task *task,
* In fact, headers are just packed, but we assume it as
* encrypted to distinguish from the normal archives
*/
- arch->flags |= RSPAMD_ARCHIVE_ENCRYPTED;
+ msg_debug_archive ("7zip: encoded header, needs to be uncompressed");
+ arch->flags |= RSPAMD_ARCHIVE_CANNOT_READ;
p = NULL; /* Cannot get anything useful */
break;
case kArchiveProperties:
diff --git a/src/libmime/archives.h b/src/libmime/archives.h
index e4e7b8b03..6abfb857a 100644
--- a/src/libmime/archives.h
+++ b/src/libmime/archives.h
@@ -27,6 +27,7 @@ enum rspamd_archive_type {
enum rspamd_archive_flags {
RSPAMD_ARCHIVE_ENCRYPTED = (1u << 0u),
+ RSPAMD_ARCHIVE_CANNOT_READ = (1u << 1u),
};
enum rspamd_archive_file_flags {
diff --git a/src/lua/lua_task.c b/src/lua/lua_task.c
index 2529b88d6..e58ff17c7 100644
--- a/src/lua/lua_task.c
+++ b/src/lua/lua_task.c
@@ -1171,6 +1171,7 @@ LUA_FUNCTION_DEF (archive, get_type);
LUA_FUNCTION_DEF (archive, get_files);
LUA_FUNCTION_DEF (archive, get_files_full);
LUA_FUNCTION_DEF (archive, is_encrypted);
+LUA_FUNCTION_DEF (archive, is_unreadable);
LUA_FUNCTION_DEF (archive, get_filename);
LUA_FUNCTION_DEF (archive, get_size);
@@ -1179,6 +1180,7 @@ static const struct luaL_reg archivelib_m[] = {
LUA_INTERFACE_DEF (archive, get_files),
LUA_INTERFACE_DEF (archive, get_files_full),
LUA_INTERFACE_DEF (archive, is_encrypted),
+ LUA_INTERFACE_DEF (archive, is_unreadable),
LUA_INTERFACE_DEF (archive, get_filename),
LUA_INTERFACE_DEF (archive, get_size),
{"__tostring", rspamd_lua_class_tostring},
@@ -5935,6 +5937,22 @@ lua_archive_is_encrypted (lua_State *L)
return 1;
}
+static gint
+lua_archive_is_unreadable (lua_State *L)
+{
+ LUA_TRACE_POINT;
+ struct rspamd_archive *arch = lua_check_archive (L);
+
+ if (arch != NULL) {
+ lua_pushboolean (L, (arch->flags & RSPAMD_ARCHIVE_CANNOT_READ) ? true : false);
+ }
+ else {
+ return luaL_error (L, "invalid arguments");
+ }
+
+ return 1;
+}
+
static gint
lua_archive_get_size (lua_State *L)
{
diff --git a/src/plugins/lua/mime_types.lua b/src/plugins/lua/mime_types.lua
index 63641b7d0..ccea74dc3 100644
--- a/src/plugins/lua/mime_types.lua
+++ b/src/plugins/lua/mime_types.lua
@@ -1037,13 +1037,20 @@ local function check_mime_type(task)
if ext and settings.archive_exceptions[ext] then
check = false
logger.debugm("mime_types", task, "skip checking of %s as archive, %s is whitelisted",
- filename, ext)
+ filename, ext)
end
end
local arch = p:get_archive()
if arch:is_encrypted() then
- task:insert_result(settings['symbol_encrypted_archive'], 1.0, filename)
+ task:insert_result(settings.symbol_encrypted_archive, 1.0, filename)
+ task:insert_result('MIME_TRACE', 0.0,
+ string.format("%s:%s", p:get_id(), '-'))
+ elseif arch:is_unreadable() then
+ task:insert_result(settings.symbol_encrypted_archive, 0.5, {
+ 'compressed header',
+ filename,
+ })
task:insert_result('MIME_TRACE', 0.0,
string.format("%s:%s", p:get_id(), '-'))
end
More information about the Commits
mailing list