JonathanThorpe / spamassassin-vba-macro

SpamAssassin plugin for detecting VBA macros in Microsoft Office Documents
Apache License 2.0

Encrypted ZIP files provoke an error #5

Closed itsbo closed 8 years ago

itsbo commented 8 years ago

Whenever an encrypted ZIP file with doc files is encountered, the module fails with an error:

Feb 24 09:02:29 xxx amavis[41274]: (41274-20) _WARN: rules: failed to run MICROSOFT_OLE2MACRO test, skipping:\n\t(Can't call method "getHeaderInfo" on an undefined value at /var/lib/spamassassin/local/ole2macro.pm line111.\n)

Incidentally: why is $contents escaped "\" on line 122?

my $z = new IO::Uncompress::Unzip \$contents;

JonathanThorpe commented 8 years ago

Can you please let me know if the fixes branch resolves this? If so, I'll merge into master.

JonathanThorpe commented 8 years ago

Regarding line 122, this is necessary for Perl to pass a reference to the Unzip function rather than copy the string.

itsbo commented 8 years ago

I'll check it today. There is also a slightly different kind of error that might happen:

Feb 25 00:27:44 xxx amavis[60199]: (60199-17) _WARN: rules: failed to run MICROSOFT_OLE2MACRO test, skipping:\n\t(Can't use an undefined value as a HASH reference at /var/lib/spamassassin/local/ole2macro.pm line 132.\n)

This is due to a RAR file being misrepresented as a ZIP file:

Feb 25 00:27:44 xxx amavis[60199]: (60199-17) p.path user@local.domain: "P=p003,L=1,M=multipart/mixed | P=p001,L=1/1,M=application/octet-stream,T=rar,N=Criminal_Case_against You.W97 Xerox_4700 DXT  8ST.zip,A=U"

but your fix should take care of that too.

itsbo commented 8 years ago

The error message persists. I think this is due to the return value for Unzip. As

http://perldoc.perl.org/IO/Uncompress/Unzip.html 

states:

Returns an IO::Uncompress::Unzip object on success and undef on failure.

so you should probably check $z differently:

--- ole2macro.pm    2016-02-26 10:09:24.290282468 +0100
+++ /var/lib/spamassassin/local/ole2macro.pm    2016-02-26 10:04:42.643100598 +0100
@@ -126,7 +126,7 @@
           my $status;
           my $buff;

-          if ($z) {
+          if (defined $z) {
              for ($status = 1; $status > 0; $status = $z->nextStream()) {
                 if (lc $z->getHeaderInfo()->{Name} =~ $match_types) {
                     $processed_files_counter += 1;`
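
Review bot: the new `defined $z` guard only covers a failed constructor; on the context line inside the loop, `$z->getHeaderInfo()->{Name}` still dereferences the return value of getHeaderInfo() without checking that it is defined, which matches the "undefined value as a HASH reference" failure reported earlier in the thread. Suggest storing the header in a variable and skipping the stream when it is undefined. On the same line, `lc` is a named unary operator and binds more loosely than `=~`, so it is applied to the result of the match rather than to the name; write `lc($z->getHeaderInfo()->{Name}) =~ $match_types` if a lower-cased name is what should be matched. When `$z` is undefined the attachment is skipped silently; logging `$UnzipError` in an else branch would show why.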

I added this and the error goes away.
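
The failure cases raised in this thread (an encrypted ZIP, a RAR file named .zip, and a constructor that returns undef), handled without dying, as an added example that is not part of the thread or of ole2macro.pm. The helper name `scan_zip_names`, its return shape and the sample buffers are assumptions made for the illustration; the signature and flag-bit checks go beyond what the thread itself proposes.

```perl
use strict;
use warnings;
use IO::Compress::Zip qw(zip $ZipError);
use IO::Uncompress::Unzip qw($UnzipError);

# Hypothetical helper (not from the plugin): list member names, never die.
# Returns { ok => 1, names => [...] } or { ok => 0, reason => '...' }.
sub scan_zip_names {
    my ($contents) = @_;

    # Trust the leading bytes, not the attachment's file name.
    return { ok => 0, reason => 'RAR signature in a .zip attachment' }
        if $contents =~ /\ARar!\x1a\x07/;
    return { ok => 0, reason => 'no complete ZIP local file header' }
        unless length($contents) >= 30 && $contents =~ /\APK\x03\x04/;

    # Bit 0 of the general purpose flags (offset 6) marks an encrypted member.
    my $flags = unpack 'v', substr($contents, 6, 2);
    return { ok => 0, reason => 'first member is encrypted' } if $flags & 0x0001;

    # The constructor returns undef on failure, so test definedness first.
    my $z = IO::Uncompress::Unzip->new(\$contents);
    return { ok => 0, reason => "unzip failed: $UnzipError" } unless defined $z;

    my @names;
    for (my $status = 1; $status > 0; $status = $z->nextStream()) {
        my $hdr = $z->getHeaderInfo();
        last unless defined $hdr;    # stop instead of dereferencing undef
        push @names, $hdr->{Name};
    }
    return { ok => 1, names => \@names };
}

# Constructed samples: a one-member archive, the same bytes with the
# encryption flag set, and a buffer that starts with the RAR signature.
my $body = 'dummy';
my $zip  = '';
zip(\$body, \$zip, Name => 'invoice.doc') or die "zip failed: $ZipError";
my $encrypted = $zip;
substr($encrypted, 6, 2) = pack 'v', unpack('v', substr($zip, 6, 2)) | 0x0001;
my $rar = "Rar!\x1a\x07\x00" . ("\0" x 16);

for my $sample ([zip => $zip], [encrypted => $encrypted], [rar => $rar]) {
    my $r = scan_zip_names($sample->[1]);
    printf "%-9s %s\n", $sample->[0],
        $r->{ok} ? "members: @{ $r->{names} }" : "skipped: $r->{reason}";
}
```

The flag check only inspects the first local file header; an encrypted member later in the archive is left to the `nextStream()` status and the header check inside the loop.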