[Esd-l] Poison Files

Scott Taylor scott at skot.org
Sat Jan 18 08:17:01 PST 2003


At 09:47 PM 1/17/2003 -0800, you wrote:
>On Fri, 17 Jan 2003, Scott Taylor wrote:
>
> > I did that, looked at procmail.log but I don't know what I should
> > be looking for.  There is no list of poisoned filespecs that I can
> > see.  What should I be looking for?
>
>Something like:
>
>Checking "10th July 2002   claire.doc.scr" for poisoning.
>   Checking against ".*\.asd(\?=)?$"
>   Checking against ".*\.bat(\?=)?$"
>   Checking against ".*\.chm(\?=)?$"
>   Checking against ".*\.com(\?=)?$"
>   Checking against ".*\.cil(\?=)?$"
>   Checking against ".*\.dll(\?=)?$"
>   Checking against ".*\.hlp(\?=)?$"
>   Checking against ".*\.hta(\?=)?$"

Nothing like that at all John.  I see a lot of Perl code, the log for 
single test is 23K of mostly Perl code.  Only blocks with "Checking" are 
like this:

                 if (!$poisoned && !$stripped && ($specf = 
$ENV{"POISONED_EXECUTABLES"})) {      #\
                   if (open(POISONED,$specf)) {  #\
                     warn " Checking \"$filen\" for poisoning.\n";       #\
                     while (chomp($psn_spec = <POISONED>)) {     #\
                       $psn_spec =~ s/^\s+//g;   #\
                       $psn_spec =~ s/\s.*$//g;  #\
                       next unless $psn_spec;    #\
                       $psn_spec =~ s/([^\\])\./$1\\./g; #\
                       $psn_spec =~ s/\*/.*/g;   #\
                       $psn_spec =~ s/([^\(])\?/$1./g;   #\
                       $psn_spec .= "(\\?=)?\$" unless $psn_spec =~ 
/\$/;        #\
                       warn "  Checking against \"$psn_spec\"\n" if 
$ENV{"DEBUG"};       #\

BTW, You do nice work with the RegExs.

So now what?



More information about the esd-l mailing list