blob: 74018d0e3e9f889be49d929296b0b3626c1ee9cc [file] [log] [blame]
#!/usr/local/plan9/bin/rc
rfork n
. 9.rc
# exit status matching:
#
# $discard - is really bad, refuse the message
# $accept - is really good, leave attachment alone
# anything else - rewrite attachment to have .suspect extension
#
# magic exit statuses known to vf
accept=10
discard=13
wrap=123 # anything but 10, 13
if(! ~ $#* 1){
echo usage: validateattachment mboxfile >[1=2]
exit usage
}
# some idiot virus is sending around attachments marked as .zip
# that are completely bogus and just say %TS_ZIP_ATTACH%
# as the base64 encoding of the zip file. gmail rejects all zip
# attachments when we forward them, so nip this one here.
if(grep -s '^%TS_ZIP_ATTACH%$' $1 && ~ `{wc -l <$1} 1 2 3 4 5 6 7 8 9 10){
echo bogus zip file!
exit $discard
}
upas/unvf < $1 >$1.unvf
file=$1.unvf
fn sigexit { rm $file }
fn save {
# d=`{date -n}
# cp $file /n/other/upas/tmp/$d.$1
# cp raw /n/other/upas/tmp/$d.$1.raw
# whatis x >/n/other/upas/tmp/$d.$1.file
}
x=`{file <$file | sed s/stdin://}
x=$"x
switch($x){
case *Ascii* *text* *'c program'* *'rc executable'*
save accept
exit $accept
case *'zip archive'*
# >[2=1] because sometimes we get zip files we can't parse
# but the errors look like
# unzip: reading data for philw.doc.scr failed: ...
# so we can still catch these.
if(! unzip -tsf $file >[2=1] >/dev/null){
echo corrupt zip file!
exit $discard
}
if(unzip -tsf $file >[2=1] | grep -si ' |\.(scr|exe|pif|bat|com)$'){
echo executables inside zip file!
exit $discard
}
case jpeg 'PNG image' bmp 'GIF image' *'plan 9 image'
save accept
exit $accept
case *Microsoft* *Office*
save wrap
exit $wrap
case *MSDOS*
# no executables
echo $x
exit $discard
}
save wrap
exit $wrap