Just check if the unzipped file has any .exe, .pif, etc. in it. This is more reliable and future-proof than testing for a specific size.
Using the Archive::Zip module from CPAN could be an even better idea if we want to avoid the fork/exec and shell pipeline. I think it should be as simple as (warning, completely untested):
use Archive::Zip;
my $zip = Archive::Zip->new();
if( $zip->read($entity->bodyhandle->path) == AZ_OK ) {
# It's a valid zip
my @members = $zip->members();
foreach my $member (@members) {
my $size = $member->uncompressedSize();
my $file = $member->fileName();
# Now, test for file extension and/or bad file sizes
}
}Cheers, Dave -- Dave O'Neill <[EMAIL PROTECTED]> Roaring Penguin Software Inc. +1 (613) 231-6599 ext. 104 http://www.roaringpenguin.com/
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
