[Mimedefang] file extension regex bug

Lucas Albers admin at cs.montana.edu
Thu Feb 12 22:44:13 EST 2004


I noticed a listed bug report against the debian package for the regular
expression for file name matching in mimedefang.
not sure if this applies to 2.39, but it appeared to apply to 2.38.

Cut and pasted from site:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=231078

--------
Thomas Baetzler <thomas at baetzler.de>:
Package: mimedefang
Version: 2.38
filter_bad_filename() scans a potential attachment filename for a
list of "undesirable" name extensions. The match is not anchored
against the end of the filename, so it can get false positives
if something that the test considers a "bad extension" is part of
the filename.

Example: Let's assume that the "com" extension is in the list of
bad extensions, but that "pdf" is not. An attachment named

	Service.T-Online.com - Anfragebericht - 12-03.pdf

is erroneously filtered because the regular expression
/\.$bad_exts\.*([^-A-Za-z0-9_.,]|$)/ matches the ".com "
in the attachment filename.

Adding a $ as an anchor at the end of the RE forces it to
check the real filename extension.

Suggested patch for /etc/mail/mimedefang-filter:

      # Do not allow:
      # - CLSIDs  {foobarbaz}
      # - bad extensions (possibly with trailing dots) at end or
      #   followed by non-alphanum
-     $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)';
+     $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)$';
      return re_match($entity, $re);
  }
--------
--Luke
CS System Administrator,Montana State University
Windows/Linux Security Administror College Of Engineering
Checkout monit for server process recovery.



More information about the MIMEDefang mailing list