Correction to sendmail attachment filter

[Bennett Samowich <brs () BEN-TECH COM>]

Greetings,

I have attached yet another copy of the sendmail filter with the
corrections as recommended by Brett and Jason (thanks).     During my tests
it did block messages that used mixed case MIME tags for filenames.  (e.g.
Name="...", NAME="...", etc)

These filters are not my forte', but I had been toying with them when this
one came about.  Thanks to those who caught the shortcomings.

- Bennett


Here is what was found:

1) An attacker could create a special message that contained mixed case
MIME tags when specifying the attached file names.

Example:
Content-Type: TEXT/PLAIN; charset=US-ASCII; NaMe="filename.dll"

Solution:
added the following code to mlfi_body():

      /* convert to lowercase */
      q = p;
      while (*q) {
         *q = tolower(*q);
         q++;
      }

2) There was a flaw in the logic of bad_extension() that caused valid files
to be incorrectly blocked.

Example:
.xls files were rejected as if they were .vbs file because they had a
common character (the 's').

Solution:
Changed
      if ( x != y )
         n++;
   }

   if (n == len)
      return (0);

To
      if ( x == y )
         n++;
   }

   if (n != len)
      return (0);

Attachment: noattach.c
Description: