line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
# <@LICENSE> |
2
|
|
|
|
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one or more |
3
|
|
|
|
|
|
|
# contributor license agreements. See the NOTICE file distributed with |
4
|
|
|
|
|
|
|
# this work for additional information regarding copyright ownership. |
5
|
|
|
|
|
|
|
# The ASF licenses this file to you under the Apache License, Version 2.0 |
6
|
|
|
|
|
|
|
# (the "License"); you may not use this file except in compliance with |
7
|
|
|
|
|
|
|
# the License. You may obtain a copy of the License at: |
8
|
|
|
|
|
|
|
# |
9
|
|
|
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0 |
10
|
|
|
|
|
|
|
# |
11
|
|
|
|
|
|
|
# Unless required by applicable law or agreed to in writing, software |
12
|
|
|
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS, |
13
|
|
|
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
14
|
|
|
|
|
|
|
# See the License for the specific language governing permissions and |
15
|
|
|
|
|
|
|
# limitations under the License. |
16
|
|
|
|
|
|
|
# </@LICENSE> |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
package Mail::SpamAssassin::Plugin::URIEval; |
19
|
|
|
|
|
|
|
|
20
|
22
|
|
|
22
|
|
160
|
use Mail::SpamAssassin::Plugin; |
|
22
|
|
|
|
|
54
|
|
|
22
|
|
|
|
|
632
|
|
21
|
22
|
|
|
22
|
|
117
|
use Mail::SpamAssassin::Logger; |
|
22
|
|
|
|
|
51
|
|
|
22
|
|
|
|
|
1077
|
|
22
|
|
|
|
|
|
|
|
23
|
22
|
|
|
22
|
|
170
|
use strict; |
|
22
|
|
|
|
|
47
|
|
|
22
|
|
|
|
|
405
|
|
24
|
22
|
|
|
22
|
|
102
|
use warnings; |
|
22
|
|
|
|
|
46
|
|
|
22
|
|
|
|
|
551
|
|
25
|
|
|
|
|
|
|
# use bytes; |
26
|
22
|
|
|
22
|
|
122
|
use re 'taint'; |
|
22
|
|
|
|
|
45
|
|
|
22
|
|
|
|
|
10255
|
|
27
|
|
|
|
|
|
|
|
28
|
|
|
|
|
|
|
our @ISA = qw(Mail::SpamAssassin::Plugin); |
29
|
|
|
|
|
|
|
|
30
|
|
|
|
|
|
|
# constructor: register the eval rule |
31
|
|
|
|
|
|
|
sub new { |
32
|
63
|
|
|
63
|
1
|
247
|
my $class = shift; |
33
|
63
|
|
|
|
|
155
|
my $mailsaobject = shift; |
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
# some boilerplate... |
36
|
63
|
|
33
|
|
|
479
|
$class = ref($class) || $class; |
37
|
63
|
|
|
|
|
378
|
my $self = $class->SUPER::new($mailsaobject); |
38
|
63
|
|
|
|
|
214
|
bless ($self, $class); |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
# the important bit! |
41
|
63
|
|
|
|
|
310
|
$self->register_eval_rule("check_for_http_redirector"); |
42
|
63
|
|
|
|
|
215
|
$self->register_eval_rule("check_https_ip_mismatch"); |
43
|
63
|
|
|
|
|
206
|
$self->register_eval_rule("check_uri_truncated"); |
44
|
|
|
|
|
|
|
|
45
|
63
|
|
|
|
|
484
|
return $self; |
46
|
|
|
|
|
|
|
} |
47
|
|
|
|
|
|
|
|
48
|
|
|
|
|
|
|
########################################################################### |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
sub check_for_http_redirector { |
51
|
0
|
|
|
0
|
0
|
|
my ($self, $pms) = @_; |
52
|
|
|
|
|
|
|
|
53
|
0
|
|
|
|
|
|
foreach ($pms->get_uri_list()) { |
54
|
0
|
|
|
|
|
|
while (s{^https?://([^/:\?]+).+?(https?:/{0,2}?([^/:\?]+).*)$}{$2}i) { |
55
|
0
|
|
|
|
|
|
my ($redir, $dest) = ($1, $3); |
56
|
0
|
|
|
|
|
|
foreach ($redir, $dest) { |
57
|
0
|
|
0
|
|
|
|
$_ = $self->{main}->{registryboundaries}->uri_to_domain($_) || $_; |
58
|
|
|
|
|
|
|
} |
59
|
0
|
0
|
|
|
|
|
next if ($redir eq $dest); |
60
|
0
|
|
|
|
|
|
dbg("eval: redirect: found $redir to $dest, flagging"); |
61
|
0
|
|
|
|
|
|
return 1; |
62
|
|
|
|
|
|
|
} |
63
|
|
|
|
|
|
|
} |
64
|
0
|
|
|
|
|
|
return 0; |
65
|
|
|
|
|
|
|
} |
66
|
|
|
|
|
|
|
|
67
|
|
|
|
|
|
|
########################################################################### |
68
|
|
|
|
|
|
|
|
69
|
|
|
|
|
|
|
sub check_https_ip_mismatch { |
70
|
0
|
|
|
0
|
0
|
|
my ($self, $pms) = @_; |
71
|
|
|
|
|
|
|
|
72
|
0
|
|
|
|
|
|
while (my($k,$v) = each %{$pms->{html}->{uri_detail}}) { |
|
0
|
|
|
|
|
|
|
73
|
0
|
0
|
|
|
|
|
next if ($k !~ m%^https?:/*(?:[^\@/]+\@)?\d+\.\d+\.\d+\.\d+%i); |
74
|
0
|
|
|
|
|
|
foreach (@{$v->{anchor_text}}) { |
|
0
|
|
|
|
|
|
|
75
|
0
|
0
|
|
|
|
|
next if (m%^https:/*(?:[^\@/]+\@)?\d+\.\d+\.\d+\.\d+%i); |
76
|
0
|
0
|
|
|
|
|
if (m%https:%i) { |
77
|
0
|
|
|
|
|
|
keys %{$self->{html}->{uri_detail}}; # resets iterator, bug 4829 |
|
0
|
|
|
|
|
|
|
78
|
0
|
|
|
|
|
|
return 1; |
79
|
|
|
|
|
|
|
} |
80
|
|
|
|
|
|
|
} |
81
|
|
|
|
|
|
|
} |
82
|
|
|
|
|
|
|
|
83
|
0
|
|
|
|
|
|
return 0; |
84
|
|
|
|
|
|
|
} |
85
|
|
|
|
|
|
|
|
86
|
|
|
|
|
|
|
########################################################################### |
87
|
|
|
|
|
|
|
|
88
|
|
|
|
|
|
|
# is there a better way to do this? |
89
|
|
|
|
|
|
|
sub check_uri_truncated { |
90
|
0
|
|
|
0
|
0
|
|
my ($self, $pms) = @_; |
91
|
0
|
|
|
|
|
|
return $pms->{'uri_truncated'}; |
92
|
|
|
|
|
|
|
} |
93
|
|
|
|
|
|
|
|
94
|
|
|
|
|
|
|
1; |