diff options
author | Eric Wong <normalperson@yhbt.net> | 2014-04-04 00:39:41 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2014-04-04 00:42:55 +0000 |
commit | 62405fb60d3153fbacba4936086587860f495fce (patch) | |
tree | 10782344fa6185028e8f0a431bcd5234501acdc4 | |
parent | 6c775a61d97e0318e76443adb05f6b71a26a41c9 (diff) | |
download | public-inbox-62405fb60d3153fbacba4936086587860f495fce.tar.gz |
This should be safer than running file(1), which has had its share of vulnerabilities this year (early 2014) We really only care about diffs and maybe short log files, here.
-rw-r--r-- | lib/PublicInbox/Filter.pm | 20 | ||||
-rw-r--r-- | t/filter.t | 2 |
2 files changed, 7 insertions, 15 deletions
diff --git a/lib/PublicInbox/Filter.pm b/lib/PublicInbox/Filter.pm index 0b4dce87..4a348217 100644 --- a/lib/PublicInbox/Filter.pm +++ b/lib/PublicInbox/Filter.pm @@ -215,23 +215,13 @@ sub replace_body { mark_changed($simple); } -# run the file(1) command to detect mime type -# Not using File::MMagic for now since that requires extra configuration -# Note: we do not rewrite the message with the detected mime type +# Check for display-able text, no messed up binaries +# Note: we can not rewrite the message with the detected mime type sub recheck_type_ok { my ($part) = @_; - my $cmd = "file --mime-type -b -"; - my $pid = open2(my $out, my $in, $cmd); - print $in $part->body; - close $in; - my $type = eval { - local $/; - <$out>; - }; - waitpid($pid, 0); - chomp $type; - - (($type =~ $MIME_TEXT_ANY) && ($type !~ $MIME_HTML)) + my $s = $part->body; + ((bytes::length($s) < 0x10000) && + ($s =~ /\A([\P{XPosixPrint}\f\n\r\t]+)\z/)) } 1; @@ -291,6 +291,8 @@ int main(void) printf("Hello world\\n"); return 0; } + +/* some folks like ^L */ EOF ), Email::MIME->create( |