c29b82 1 <?php
T 2
/**
 +-----------------------------------------------------------------------+
 | This file is part of the Roundcube Webmail client                     |
 | Copyright (C) 2011, The Roundcube Dev Team                            |
 |                                                                       |
 | Licensed under the GNU General Public License version 3 or            |
 | any later version with exceptions for skins & plugins.                |
 | See the README file for a full license statement.                     |
 |                                                                       |
 | PURPOSE:                                                              |
 |   PHP stream filter to detect evil content in mail attachments        |
 +-----------------------------------------------------------------------+
 | Author: Thomas Bruederli <roundcube@gmail.com>                        |
 +-----------------------------------------------------------------------+
*/
18
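/**
 * PHP stream filter that fails the stream when the bytes passing through it
 * look like HTML/JavaScript.
 *
 * It is meant for attachment bodies (images in particular) that are streamed
 * to the browser: content that a browser might sniff and render as HTML on
 * the webmail origin is refused instead of delivered. On a hit filter()
 * returns PSFS_ERR_FATAL, which makes the pending read fail. Bytes that
 * earlier buckets already handed on are not recalled, so a caller that needs
 * all-or-nothing semantics must check the read result (or buffer first).
 *
 * This is a byte-level deny list and therefore defence in depth only: it
 * cannot see other encodings (UTF-16, UTF-7), does not parse HTML (padding
 * inside a tag beyond the bounds used below slips past it), and says nothing
 * about SVG, CSS or javascript: URLs. A correct Content-Type,
 * X-Content-Type-Options: nosniff, Content-Disposition and ideally a separate
 * download origin remain the primary controls.
 *
 * @package    Framework
 * @subpackage Utils
 */
class rcube_content_filter extends php_user_filter
{
    /** Once the scan window grows past this many bytes it is trimmed */
    const MAX_BUFFER = 4096;

    /**
     * Bytes retained after a trim. Must exceed the longest match any entry of
     * $patterns can produce, so a tag split between two buckets is still seen
     * whole once the next bucket is appended.
     */
    const KEEP_TAIL = 1024;

    /** @var string Tail of the data seen so far (carried across buckets) */
    private $buffer = '';

    /**
     * Patterns that mark the stream as unsafe. Every quantifier is bounded so
     * the longest possible match fits in KEEP_TAIL and PCRE backtracking stays
     * small on binary input.
     *
     * @var array
     */
    private $patterns = array(
        // Elements that run script, load plugins or other documents, or
        // redirect/rebase the page. <svg> is deliberately absent: it is the
        // root of every SVG image and needs a real XML sanitizer, not this.
        '/<(script|i?frame|object|embed|applet|meta|link|base|style)/i',
        // Inline event-handler attributes, e.g. <img src=x onerror=...>. The
        // explicit name list keeps accidental hits in binary data negligible;
        // a bare "on[a-z]+" would trip on far more random byte sequences.
        '/\son(load|error|click|dblclick|auxclick|contextmenu|focus|blur|submit|change|input|toggle|abort|scroll|resize|wheel|begin|end|start|unload|beforeunload|pageshow|popstate|hashchange|message|play|pause|ended|timeupdate|readystatechange|activate|cut|copy|paste|drop|select|cancel|close|show|invalid|reset|progress|loadstart|loadend|mouse[a-z]{2,5}|key[a-z]{2,5}|animation[a-z]{3,9}|transition[a-z]{3,6}|pointer[a-z]{2,7}|touch[a-z]{3,6}|drag[a-z]{0,5})\s{0,32}=/i',
    );

    /**
     * Called by the stream layer when the filter is attached.
     *
     * @return bool Always true; nothing here can fail
     */
    #[\ReturnTypeWillChange]
    public function onCreate()
    {
        $this->buffer = '';
        return true;
    }

    /**
     * Scan each incoming bucket (together with the retained tail of the
     * previous ones) and pass it on, or fail the stream on the first hit.
     *
     * @param resource $in       Brigade of incoming buckets
     * @param resource $out      Brigade the checked buckets are appended to
     * @param int      $consumed Incremented by the number of bytes passed on
     * @param bool     $closing  Set on the final call (unused: every byte has
     *                           already been checked as it arrived)
     *
     * @return int PSFS_PASS_ON, or PSFS_ERR_FATAL if suspicious content was seen
     */
    #[\ReturnTypeWillChange]
    public function filter($in, $out, &$consumed, $closing)
    {
        while ($bucket = stream_bucket_make_writeable($in)) {
            $this->buffer .= $bucket->data;

            if ($this->isSuspicious($this->buffer)) {
                return PSFS_ERR_FATAL;
            }

            // Trim to the LAST KEEP_TAIL bytes. Dropping a fixed number of
            // leading bytes instead would let the buffer grow with every
            // bucket larger than that number (stream chunks are commonly
            // 8 KiB), turning the scan into O(n^2) on large attachments.
            if (strlen($this->buffer) > self::MAX_BUFFER) {
                $this->buffer = substr($this->buffer, -self::KEEP_TAIL);
            }

            $consumed += $bucket->datalen;
            stream_bucket_append($out, $bucket);
        }

        return PSFS_PASS_ON;
    }

    /**
     * Match $data against every deny-list pattern.
     *
     * A PCRE failure (preg_match() returning false, e.g. on a backtrack or
     * JIT stack limit) is treated as a hit: a filter whose purpose is to
     * refuse content must fail closed, not silently pass the bytes on.
     *
     * @param string $data Bytes to inspect
     *
     * @return bool True if the data must be refused
     */
    private function isSuspicious($data)
    {
        foreach ($this->patterns as $pattern) {
            if (preg_match($pattern, $data) !== 0) {
                return true;
            }
        }

        return false;
    }
}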