headers.c (40497) | headers.c (42580) |
---|---|
1/* 2 * Copyright (c) 1998 Sendmail, Inc. All rights reserved. 3 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * By using this file, you agree to the terms and conditions set 8 * forth in the LICENSE file which can be found at the top level of 9 * the sendmail distribution. 10 * 11 */ 12 13#ifndef lint | 1/* 2 * Copyright (c) 1998 Sendmail, Inc. All rights reserved. 3 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * By using this file, you agree to the terms and conditions set 8 * forth in the LICENSE file which can be found at the top level of 9 * the sendmail distribution. 10 * 11 */ 12 13#ifndef lint |
14static char sccsid[] = "@(#)headers.c 8.127 (Berkeley) 6/4/98"; | 14static char sccsid[] = "@(#)headers.c 8.134 (Berkeley) 11/29/1998"; |
15#endif /* not lint */ 16 17# include <errno.h> 18# include "sendmail.h" 19 20/* 21** SETUPHEADERS -- initialize headers in symbol table 22** --- 493 unchanged lines hidden (view full) --- 516 int saveflags = e->e_flags; 517#endif 518 519 (void) sendtolist(h->h_value, NULLADDR, 520 &e->e_sendqueue, 0, e); 521 522#if 0 523 /* | 15#endif /* not lint */ 16 17# include <errno.h> 18# include "sendmail.h" 19 20/* 21** SETUPHEADERS -- initialize headers in symbol table 22** --- 493 unchanged lines hidden (view full) --- 516 int saveflags = e->e_flags; 517#endif 518 519 (void) sendtolist(h->h_value, NULLADDR, 520 &e->e_sendqueue, 0, e); 521 522#if 0 523 /* |
524 ** Change functionality so a fatal error on an 525 ** address doesn't affect the entire envelope. | 524 ** Change functionality so a fatal error on an 525 ** address doesn't affect the entire envelope. |
526 */ 527 528 /* delete fatal errors generated by this address */ 529 if (!bitset(EF_FATALERRS, saveflags)) 530 e->e_flags &= ~EF_FATALERRS; 531#endif 532 } 533 --- 659 unchanged lines hidden (view full) --- 1193 extern bool bitintersect __P((BITMAP, BITMAP)); 1194 1195 if (tTd(34, 11)) 1196 { 1197 printf(" %s: ", h->h_field); 1198 xputs(p); 1199 } 1200 | 526 */ 527 528 /* delete fatal errors generated by this address */ 529 if (!bitset(EF_FATALERRS, saveflags)) 530 e->e_flags &= ~EF_FATALERRS; 531#endif 532 } 533 --- 659 unchanged lines hidden (view full) --- 1193 extern bool bitintersect __P((BITMAP, BITMAP)); 1194 1195 if (tTd(34, 11)) 1196 { 1197 printf(" %s: ", h->h_field); 1198 xputs(p); 1199 } 1200 |
1201#if _FFR_MAX_MIME_HEADER_LENGTH 1202 /* heuristic shortening of MIME fields to avoid MUA overflows */ 1203 if (MaxMimeFieldLength > 0 && 1204 wordinclass(h->h_field, 1205 macid("{checkMIMEFieldHeaders}", NULL))) 1206 { 1207 extern bool fix_mime_header __P((char *)); 1208 1209 if (fix_mime_header(h->h_value)) 1210 { 1211 sm_syslog(LOG_ALERT, e->e_id, 1212 "Truncated MIME %s header due to field size (possible attack)", 1213 h->h_field); 1214 if (tTd(34, 11)) 1215 printf(" truncated MIME %s header due to field size (possible attack)\n", 1216 h->h_field); 1217 } 1218 } 1219 1220 if (MaxMimeHeaderLength > 0 && 1221 wordinclass(h->h_field, 1222 macid("{checkMIMETextHeaders}", NULL))) 1223 { 1224 if (strlen(h->h_value) > MaxMimeHeaderLength) 1225 { 1226 h->h_value[MaxMimeHeaderLength - 1] = '\0'; 1227 sm_syslog(LOG_ALERT, e->e_id, 1228 "Truncated long MIME %s header (possible attack)", 1229 h->h_field); 1230 if (tTd(34, 11)) 1231 printf(" truncated long MIME %s header (possible attack)\n", 1232 h->h_field); 1233 } 1234 } 1235 1236 if (MaxMimeHeaderLength > 0 && 1237 wordinclass(h->h_field, 1238 macid("{checkMIMEHeaders}", NULL))) 1239 { 1240 extern bool shorten_rfc822_string __P((char *, int)); 1241 1242 if (shorten_rfc822_string(h->h_value, MaxMimeHeaderLength)) 1243 { 1244 sm_syslog(LOG_ALERT, e->e_id, 1245 "Truncated long MIME %s header (possible attack)", 1246 h->h_field); 1247 if (tTd(34, 11)) 1248 printf(" truncated long MIME %s header (possible attack)\n", 1249 h->h_field); 1250 } 1251 } 1252#endif 1253 |
|
1201 /* suppress Content-Transfer-Encoding: if we are MIMEing */ 1202 if (bitset(H_CTE, h->h_flags) && 1203 bitset(MCIF_CVT8TO7|MCIF_CVT7TO8|MCIF_INMIME, mci->mci_flags)) 1204 { 1205 if (tTd(34, 11)) 1206 printf(" (skipped (content-transfer-encoding))\n"); 1207 continue; 1208 } --- 354 unchanged lines hidden (view full) --- 1563 *tail = newhdr; 1564 tail = &newhdr->h_link; 1565 header = header->h_link; 1566 } 1567 *tail = NULL; 1568 1569 return ret; 1570} | 1254 /* suppress Content-Transfer-Encoding: if we are MIMEing */ 1255 if (bitset(H_CTE, h->h_flags) && 1256 bitset(MCIF_CVT8TO7|MCIF_CVT7TO8|MCIF_INMIME, mci->mci_flags)) 1257 { 1258 if (tTd(34, 11)) 1259 printf(" (skipped (content-transfer-encoding))\n"); 1260 continue; 1261 } --- 354 unchanged lines hidden (view full) --- 1616 *tail = newhdr; 1617 tail = &newhdr->h_link; 1618 header = header->h_link; 1619 } 1620 *tail = NULL; 1621 1622 return ret; 1623} |
1624/* 1625** FIX_MIME_HEADER -- possibly truncate/rebalance parameters in a MIME header 1626** 1627** Run through all of the parameters of a MIME header and 1628** possibly truncate and rebalance the parameter according 1629** to MaxMimeFieldLength. 1630** 1631** Parameters: 1632** string -- the full header 1633** 1634** Returns: 1635** TRUE if the header was modified, FALSE otherwise 1636** 1637** Side Effects: 1638** string modified in place 1639*/ 1640 1641bool 1642fix_mime_header(string) 1643 char *string; 1644{ 1645 bool modified = FALSE; 1646 char *begin = string; 1647 char *end; 1648 extern char *find_character __P((char *, char)); 1649 extern bool shorten_rfc822_string __P((char *, int)); 1650 1651 if (string == NULL || *string == '\0') 1652 return FALSE; 1653 1654 /* Split on each ';' */ 1655 while ((end = find_character(begin, ';')) != NULL) 1656 { 1657 char save = *end; 1658 char *bp; 1659 1660 *end = '\0'; 1661 1662 /* Shorten individual parameter */ 1663 if (shorten_rfc822_string(begin, MaxMimeFieldLength)) 1664 modified = TRUE; 1665 1666 /* Collapse the possibly shortened string with rest */ 1667 bp = begin + strlen(begin); 1668 if (bp != end) 1669 { 1670 char *ep = end; 1671 1672 *end = save; 1673 end = bp; 1674 1675 /* copy character by character due to overlap */ 1676 while (*ep != '\0') 1677 *bp++ = *ep++; 1678 *bp = '\0'; 1679 } 1680 else 1681 *end = save; 1682 if (*end == '\0') 1683 break; 1684 1685 /* Move past ';' */ 1686 begin = end + 1; 1687 } 1688 return modified; 1689} |
|