commit fc46abdd9ce3bff29f735142ab52fec4fb1bf8a7
from: rsc <devnull@localhost>
date: Wed Apr 12 13:10:08 2006 UTC

boguszip

commit - 20bd3ca2e2bc7c1b284a5a52e72a32530529d234
commit + fc46abdd9ce3bff29f735142ab52fec4fb1bf8a7
blob - 03d3f0eb209159507d8139f49c81973b5b54e60e
blob + d21044f3536a321394810c6102f4b4e1b93340c6
--- mail/lib/validateattachment
+++ mail/lib/validateattachment
@@ -5,9 +5,9 @@ rfork n
 
 # exit status matching:
 #
-#	*discard* - is really bad, refuse the message 
-#	*accept* - is really good, leave attachment alone
-#	* - rewrite attachment to have .suspect extension
+#	$discard - is really bad, refuse the message 
+#	$accept - is really good, leave attachment alone
+#	anything else - rewrite attachment to have .suspect extension
 # 
 
 # magic exit statuses known to vf
@@ -21,6 +21,15 @@ if(! ~ $#* 1){
 	exit usage
 }
 
+# some idiot virus is sending around attachments marked as .zip
+# that are completely bogus and just say %TS_ZIP_ATTACH%
+# as the base64 encoding of the zip file.  gmail rejects all zip
+# attachments when we forward them, so nip this one here.
+if(grep -s '^%TS_ZIP_ATTACH%$' $1 && ~ `{wc -l <$1} 1 2 3 4 5 6 7 8 9 10){
+	echo bogus zip file!
+	exit $discard
+}
+
 upas/unvf < $1 >$1.unvf
 file=$1.unvf
 fn sigexit { rm $file }
@@ -40,6 +49,7 @@ case *Ascii* *text* *'c program'* *'rc executable'* 
 	exit $accept
 
 case *'zip archive'*
+	
 	# >[2=1] because sometimes we get zip files we can't parse
 	# but the errors look like
 	# unzip: reading data for philw.doc.scr failed: ...