blob: d21044f3536a321394810c6102f4b4e1b93340c6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
#!/usr/local/plan9/bin/rc
rfork n
. 9.rc
# exit status matching:
#
# $discard - is really bad, refuse the message
# $accept - is really good, leave attachment alone
# anything else - rewrite attachment to have .suspect extension
#
# magic exit statuses known to vf
accept=10
discard=13
wrap=123 # anything but 10, 13
if(! ~ $#* 1){
echo usage: validateattachment mboxfile >[1=2]
exit usage
}
# some idiot virus is sending around attachments marked as .zip
# that are completely bogus and just say %TS_ZIP_ATTACH%
# as the base64 encoding of the zip file. gmail rejects all zip
# attachments when we forward them, so nip this one here.
if(grep -s '^%TS_ZIP_ATTACH%$' $1 && ~ `{wc -l <$1} 1 2 3 4 5 6 7 8 9 10){
echo bogus zip file!
exit $discard
}
upas/unvf < $1 >$1.unvf
file=$1.unvf
fn sigexit { rm $file }
fn save {
# d=`{date -n}
# cp $file /n/other/upas/tmp/$d.$1
# cp raw /n/other/upas/tmp/$d.$1.raw
# whatis x >/n/other/upas/tmp/$d.$1.file
}
x=`{file <$file | sed s/stdin://}
x=$"x
switch($x){
case *Ascii* *text* *'c program'* *'rc executable'*
save accept
exit $accept
case *'zip archive'*
# >[2=1] because sometimes we get zip files we can't parse
# but the errors look like
# unzip: reading data for philw.doc.scr failed: ...
# so we can still catch these.
if(unzip -tsf $file >[2=1] | grep -si ' |\.(scr|exe|pif|bat|com)$'){
echo executables inside zip file!
exit $discard
}
case jpeg 'PNG image' bmp 'GIF image' *'plan 9 image'
save accept
exit $accept
case *Microsoft* *Office*
save wrap
exit $wrap
case *MSDOS*
# no executables
echo $x
exit $discard
}
save wrap
exit $wrap
|