[Mimedefang] Bad, bad_filename filtering ?
James B. Huber
jbh at genesis-net.net
Wed Oct 8 21:21:00 EDT 2003
Thanks Alan,
However, that is what both the "default" recommended
and linux.org mimedefang-filter modules do. The code
looks like this (Pardon the long line):
$bad_exts =
'(ade|adp|app|asd|asf|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|fxp|hlp|hta|hto|inf|ini|ins|isp|jse?|lib|lnk|mdb|mde|msc|msi|msp|mst|ocx|pcd|pif|prg|reg|scr|sct|sh|shb|shs|sys|url|vb|vbe|vbs|vcs|vxd|wmd|wms|wmz|wsc|wsf|wsh|\{[^\}]+\})';
# Do not allow:
# - CLSIDs {foobarbaz}
# - bad extensions (possibly with trailing dots) at end or
# followed by non-alphanum
$re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)';
return re_match($entity, $re);
Perl is not my greatest expertise, however if you look
at how the $re is constructed, shouldn't the match
be starting at the "right" side ? If so, even if the
"DIRSEP" is looked as a *NIX (I'm running on a RH9 box)
why are we continuing to parse past the last "." in
the line ?
(filename="www.reason.com/links/links100703.shtml")
Perhaps I'm not making a lot of sense... I suppose
I could use a "basename", but then if it's confused and
won't use both "/" and "\" as DIRSEP that will be
broken as well....
Hmmmm...
Jim
--
On Wed, 2003-10-08 at 20:59, alan premselaar wrote:
> On 10/9/03 8:39 AM, "James B. Huber" <jbh at JudahNet.com> wrote:
>
> > Folks,
> ...snip...
> > First question, why are we checking anything of a
> > "path" component in the bad_filename check ? Or perhaps
> > better asked, why are we NOT calling the filename
> > what comes after DIRSEP (either "/" or "\" depending
> > upon your *NIX/Dos) ?
> > Any thoughts on how to go about getting the "last"
> > component of the filename to use in this check ?
> >
> Jim,
>
> you could look at the basename() function which should separate the path
> from the filename. although if i'm not mistaken, you can't specify the
> DIRSEP character, so i think it'll only work for *NIX style pathnames.
>
> you could also anchor your regex to the right by putting a $ in it after the
> test for the extension to ensure that it's only checking for the last
> occurrence of the extension in the string.
>
> hope this helps
>
> alan
>
> _______________________________________________
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
--
======================================================================
James B. Huber jbh at genesis-net.net
Genesis NETwork Services, Inc. (407) 678-7510
======================================================================
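
Added example (not part of the original message and not MIMEDefang's own code): the pattern quoted above accepts a bad extension followed by any character outside [-A-Za-z0-9_.,], so ".com/" in the sample filename matches even though the name ends in ".shtml". The script below applies the same pattern to the whole name and to the last non-empty path component, treating both "/" and "\" as separators; the helper names, the sample names other than the first, and the case-insensitive match are assumptions of this example.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Extension list and pattern copied from the message above.
my $bad_exts = '(ade|adp|app|asd|asf|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|fxp|hlp|hta|hto|inf|ini|ins|isp|jse?|lib|lnk|mdb|mde|msc|msi|msp|mst|ocx|pcd|pif|prg|reg|scr|sct|sh|shb|shs|sys|url|vb|vbe|vbs|vcs|vxd|wmd|wms|wmz|wsc|wsf|wsh|\{[^\}]+\})';
my $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)';

# Hypothetical helper: last non-empty component of a name, splitting on
# both "/" and "\" so the result does not depend on the filter host's OS.
# Empty components are dropped so "name.com/" still yields "name.com".
sub last_component {
    my ($name) = @_;
    my @parts = grep { length } split m{[/\\]}, $name;
    return @parts ? $parts[-1] : '';
}

# Pattern applied to the full string, as in the quoted filter code.
sub whole_name_is_bad {
    my ($name) = @_;
    return $name =~ /$re/i ? 1 : 0;
}

# Same pattern applied only to the last path component.
sub last_part_is_bad {
    my ($name) = @_;
    return last_component($name) =~ /$re/i ? 1 : 0;
}

# First name is the one from the thread; the rest are constructed samples.
my @samples = (
    'www.reason.com/links/links100703.shtml',   # ".com/" trips the whole-name check
    'invoice.pdf.exe',                          # double extension
    'C:\\temp\\setup.exe',                      # backslash-separated path
    'notes.com/',                               # trailing separator
    'report.vbs.',                              # trailing dot
    'readme.txt',                               # benign
);

printf "%-42s whole=%d last=%d\n", $_, whole_name_is_bad($_), last_part_is_bad($_)
    for @samples;
```

Only the first sample changes verdict between the two checks. Checking just the last component is the looser policy; whether that is acceptable depends on how receiving mail clients treat separators in attachment names, which this example does not model.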