[Mimedefang] Update to MIMEDefang Filter KAM
Kevin A. McGrail
kmcgrail at pccc.com
Mon Apr 19 10:23:36 EDT 2004
Steffen,
I thought about the s// on everything but the original code actually
monitored which tags were changes. When I decided to remove that
functionality, I forgot to change the code. Anyone know if there is a
"slurp" method ala undef $/; for MIME entities?
Also, re: opening the entire file, I figured we would have to process the
entire file because at what size will iframe/object emails stop being valid
attempts to exploit? And since this code was based on the University of
Columbia's live code for the past few months, it's seems "ok" to risk the
overhead to disable these bad items.
Regards,
KAM
> On Fri, 16 Apr 2004, Kevin A. McGrail wrote:
>
> > if ($io = $entity->open("r")) {
> > while (defined($currentline = $io->getline)) {
> > if ($currentline =~ s/<(iframe|script|object)\b/<no-$1 /ig) {
> > $badtag++;
> > }
> > $output .= $currentline;
> > }
> > $io->close;
> >
> > if ($badtag) {
> > if ($io = $entity->open("w")) {
> > $io->print($output);
> > $io->close;
> > }
>
> I wonder:
>
> a) You read in all the entity into memory, without size check?
>
> b) As you already have all the lines in memory, why don't you apply the
> s// operation on $output once?
>
> Bye,
>
> --
> Steffen Kaiser
> _______________________________________________
> Visit http://www.mimedefang.org and http://www.canit.ca
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
More information about the MIMEDefang
mailing list