3 This program replaces all "dangerous" characters in the incoming file
4 to '_' character. Dangerous characters are all characters less than 32
5 (space) and not equal to \n, \r, \t, \f and ^H.
7 It also notices lines > 1024 characters and splits them, adding space
8 character in front of the split line.
10 In ``fascist'' mode (when called with argument -fascist), it is much
11 more restrictive: it permits only newlines, space, TAB, lowercase and
12 uppercase letters, and digits. Everything else is replaced by '_'
13 character. Fascist mode should be used to filter user input that is
14 to be used in shell scripts. It may prevent users from being able to
15 fool poorly written shell scripts that accept user commands into
16 executing arbitrary programs. Since, unfortunately, it is likely that
17 some of the scripts would be prone to such attacks, using this
18 program is highly recommended BEFORE doing anything with user input.
20 This program should be used to preprocess all incoming mail before
21 feeding to mail processing scripts. It in fact may prove useful
22 against viruses exploiting weaknesses of C programs that overflow
25 Copyright 1996, Igor Chudov. GNU Public license applies, and I am
26 not responsible for any damage arising from use of this program.
32 #define MAX_CHAR 256 /* max unsigned char */
33 #define MAX_LEN 1024 /* max allowed line size */
34 #define NEWLINE "\n" /* newline for Unix, for DOS I think "\r\n" */
36 unsigned char charTable[ MAX_CHAR ];
38 #define SET_GOOD_INTERVAL( l, u ) \
39 for( i = l; i <= u; ) charTable[i++] = 1;
41 void initCharTable( int fascist )
45 /* bad characters can only be used for viruses */
46 for( i=0; i < MAX_CHAR; i++ ) charTable[i] = 0;
54 if( fascist ) { /* fascist mode - used for shells */
55 SET_GOOD_INTERVAL( 'a', 'z' );
56 SET_GOOD_INTERVAL( 'A', 'Z' );
57 SET_GOOD_INTERVAL( '0', '9' );
62 } else { /* normal mode - used to filter users' mail. */
64 /* Good characters, incl Cyrillic */
65 SET_GOOD_INTERVAL( ' ', MAX_CHAR-1 );
67 charTable[8] = 1; /* 8 is Ctrl-H, BackSpace */
71 int main( int argc, char **argv )
77 if( strcmp( argv[1], "-fascist" ) ) {
78 fprintf( stderr, "Usage: %s [-fascist]\n", argv[0] );
82 } else if( argc != 1 ) {
83 fprintf( stderr, "Usage: %s [-fascist]\n", argv[0] );
87 initCharTable( fascist );
89 while( (ch = getchar()) != EOF )
91 if( !charTable[ch] ) ch = '_';
92 if( ch == '\n' ) len = 0; else len++;
94 printf( NEWLINE " " );
95 len = 1; /* because I put " " */