Problems MailScanner 4.78.17

ThB lists at buschor.ch
Wed Nov 25 16:57:18 GMT 2009


Hello,

There's another small taint problem in Message.pm.
It occurred when scanning an eicar test virus.

MailScanner's debugging output:

In Debugging mode, not forking...
Trying to setlogsock(native)
INFO:: Meaningless output that goes nowhere, to keep SAVI happy
Building a message batch to scan...
Have a batch of 1 message.
Insecure dependency in eval while running with -T switch at
/opt/MailScanner/lib/MailScanner/Message.pm line 4372, <GEN65> line 1.

-> at this point the MailScanner gets killed


Code Snippet Message.pm

  4369      $line =~ s/([\(\)\[\]\.\?\*\+\^"'@])/\\$1/g; # Escape any regex characters
  4370      # Untainting joy...
  4371      $line =~ $1 if $line =~ /(.*)/;
  4372      $result = eval "\"$line\"";


After checking & trying to understand the code, I think the problem is
line 4371 which should be:

  4371      $line = $1 if $line =~ /(.*)/;

(note the "=" instead of "=~")

After this modification my MailScanner 4.79.3-1 is perfectly running.

regards
Thomas
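The failure described in the post, reproduced as a stand-alone script (an added example, not MailScanner's code). It runs both versions of line 4371 side by side under taint mode and shows why "=~ $1" leaves the string tainted while "= $1" clears it. The file name untaint_demo.pl, the sample line, and the helper names are assumptions for the demonstration; the escaping regex and the eval are copied from the snippet above.

```perl
#!/usr/bin/perl -T
# Added example (not MailScanner's code): reproduces the taint failure from
# the post and shows why "$line = $1" fixes it. Run as: perl -T untaint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed input. Under -T every %ENV entry is tainted, and concatenating
# an empty tainted string taints the result, so this stands in for a line
# MailScanner read from an untrusted message. The content is hypothetical.
my $taint_marker = substr(join('', %ENV), 0, 0);
my $input = 'Found "EICAR-Test-Signature" (eicar.com) for user@example.org'
          . $taint_marker;

# Same escaping step as Message.pm line 4369: backslash characters that
# would otherwise be interpreted inside the double-quoted string eval.
sub escape_for_eval {
    my ($line) = @_;
    $line =~ s/([\(\)\[\]\.\?\*\+\^"'@])/\\$1/g;
    return $line;
}

# The original line 4371. "=~ $1" matches $line against the captured text
# and discards the result; $line is never assigned, so it stays tainted.
sub untaint_buggy {
    my ($line) = @_;
    $line =~ $1 if $line =~ /(.*)/;
    return $line;
}

# The corrected line. Copying out of a capture group is what clears the
# taint flag; /(.*)/ is a deliberate "accept everything" untaint.
sub untaint_fixed {
    my ($line) = @_;
    $line = $1 if $line =~ /(.*)/;
    return $line;
}

# Line 4372. A string eval of tainted data is an insecure dependency under
# -T and perl dies before the eval's own context exists, so an enclosing
# block eval is needed to catch it (nothing caught it in MailScanner).
sub interpolate {
    my ($line) = @_;
    my $result = eval {
        my $r = eval "\"$line\"";
        die $@ if $@;
        $r;
    };
    return defined $result ? $result : "died: $@";
}

my $escaped = escape_for_eval($input);

for my $case ([buggy => \&untaint_buggy], [fixed => \&untaint_fixed]) {
    my ($name, $untaint) = @$case;
    my $line = $untaint->($escaped);
    printf "%-6s tainted=%d\n", $name, tainted($line) ? 1 : 0;
    print  "       eval -> ", interpolate($line), "\n";
}
```

The buggy path reports the string as still tainted and the eval fails with the same "Insecure dependency in eval while running with -T switch" message quoted in the post; the fixed path reports it untainted and returns the interpolated text. Two caveats worth keeping in mind with this idiom: /(.*)/ without the /s modifier stops at the first newline, so a line that still carries its line ending loses it on untaint, and a capture of everything tells Perl the data is trusted without checking anything, so the only real protection here is the escaping step that runs before it.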
