Good point. I've just changed my code to
my $size = (stat($entity->bodyhandle->path))[7];
if (lc($ext) =~ /zip/ && $size < 30000) {
my $test = `/bin/unzip -p $path | wc -c`;
$size = $test if $test =~ /^\s*\d+\s*$/;
}
- rick
On Tue, 27 Jan 2004, Brent J. Nordquist wrote:
> On Tue, 27 Jan 2004, Rick Mallett <[EMAIL PROTECTED]> wrote:
>
> > It uses "unzip | wc -c" to check the file size and only discards if it
> > is in a smaller size range (22528-22530)
>
> The only thing that's been holding me back from doing that here, or
> implementing similar measures (e.g. unzip and see if there's only a .scr
> or .pif inside), is the fear of a "10 gigabytes of 0's" DoS ZIP file.
>
> --
> Brent J. Nordquist <[EMAIL PROTECTED]> N0BJN
> Other contact information: http://kepler.acns.bethel.edu/~bjn/contact.html
> * Fast pipe * Always on * Get out of the way - Tim Bray http://tinyurl.com/7sti
>
> _______________________________________________
> Visit http://www.mimedefang.org and http://www.canit.ca
> MIMEDefang mailing list
> [EMAIL PROTECTED]
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
