Ignore filenames in subject that aren't valid filenames, e.g. "Fwd:"

There were 2 bug identified by issue #230: - the "Fwd:" prefix being added to the message subject was being treated as a filename. I first thought to just remove this subject tag, but then thought it best to just ignore obviously invalid filenames in the subject in the first place. - when forwarding files to a netmail address, the 'to' extension (user number) is 0, so the file will be in the data/file/####.out directory of the sender instead. We have 4 places (at least) where the message subjects are parsed and only one of those places currently supports quoted filenames (e.g. with spaces in them) and some of the others (e.g. QWK) don't support multiple filenames at all. That should be fixed.

Ignore filenames in subject that aren't valid filenames, e.g. "Fwd:"
e779b88d · Rob Swindell · b1908193 · e779b88d · e779b88d · e779b88d
Commit e779b88d authored 4 years ago by Rob Swindell
--- a/src/sbbs3/getmail.c
+++ b/src/sbbs3/getmail.c
@@ -92,9 +92,11 @@ BOOL DLLCALL delfattach(scfg_t* cfg, smbmsg_t* msg)
 		sp=strrchr(tp,'/');              /* sp is slash pointer */
 		if(!sp) sp=strrchr(tp,'\\');
 		if(sp) tp=sp+1;
+		if(strcspn(tp, ILLEGAL_FILENAME_CHARS) == strlen(tp)) {
 			SAFEPRINTF2(path, "%s/%s", dir, tp);
 			if(remove(path) != 0)
 				return FALSE;
+		}
 		if(!p)
 			break;
 		tp=p+1; 

--- a/src/sbbs3/getmsg.cpp
+++ b/src/sbbs3/getmsg.cpp
@@ -405,6 +405,7 @@ void sbbs_t::download_msg_attachments(smb_t* smb, smbmsg_t* msg, bool del)
 			tp=getfname(tp);
 			file_t	fd;
 			fd.dir=cfg.total_dirs+1;			/* temp dir for file attachments */
+			if(strcspn(tp, ILLEGAL_FILENAME_CHARS) == strlen(tp)) {
 				padfname(tp,fd.name);
 				SAFEPRINTF3(fpath,"%sfile/%04u.in/%s"  /* path is path/fname */
 					,cfg.data_dir, msg->idx.to, tp);
@@ -461,6 +462,7 @@ void sbbs_t::download_msg_attachments(smb_t* smb, smbmsg_t* msg, bool del)
 						}
 					}
 				}
+			}
 			if(!p)
 				break;
 			tp=p+1;

--- a/src/sbbs3/mailsrvr.c
+++ b/src/sbbs3/mailsrvr.c
@@ -907,8 +907,11 @@ static ulong sockmsgtxt(SOCKET socket, const char* prot, CRYPT_SESSION sess, smb
 					break;
 			} else
 				*tp = '\0';
-			SAFEPRINTF2(filepath, "%s/%s", dirname, getfname(truncsp(p)));
+			char* fname = getfname(truncsp(p));
+			if(strcspn(fname, ILLEGAL_FILENAME_CHARS) == strlen(fname)) {
+				SAFEPRINTF2(filepath, "%s/%s", dirname, fname);
 				strListPush(&file_list, filepath);
+			}
 			if(tp == NULL)
 				break;
 			p = tp + 1;

--- a/src/sbbs3/writemsg.cpp
+++ b/src/sbbs3/writemsg.cpp
@@ -1306,13 +1306,14 @@ bool sbbs_t::editfile(char *fname, bool msg)
 /*************************/
 /* Copy file attachments */
+/* TODO: Quoted filename support */
 /*************************/
 bool sbbs_t::copyfattach(uint to, uint from, const char* subj)
 {
-	char str[128],str2[128],str3[128],*tp,*sp,*p;
+	char str[128], dest[MAX_PATH + 1], src[MAX_PATH + 1], *tp, *sp, *p;
 	bool result = false;
-	strcpy(str, subj);
+	SAFECOPY(str, subj);
 	tp=str;
 	while(1) {
 		p=strchr(tp,' ');
@@ -1320,12 +1321,13 @@ bool sbbs_t::copyfattach(uint to, uint from, const char* subj)
 		sp=strrchr(tp,'/');              /* sp is slash pointer */
 		if(!sp) sp=strrchr(tp,'\\');
 		if(sp) tp=sp+1;
-		SAFEPRINTF3(str2,"%sfile/%04u.in/%s"  /* str2 is path/fname */
+		if(strcspn(tp, ILLEGAL_FILENAME_CHARS) == strlen(tp)) {
-			,cfg.data_dir,to,tp);
+			if(to == 0)
-		SAFEPRINTF3(str3,"%sfile/%04u.in/%s"  /* str2 is path/fname */
+				SAFEPRINTF3(dest,"%sfile/%04u.out/%s", cfg.data_dir, from, tp);
-			,cfg.data_dir,from,tp);
+			else
-		if(strcmp(str2,str3)) {
+				SAFEPRINTF3(dest,"%sfile/%04u.in/%s", cfg.data_dir, to, tp);
-			if(mv(str3, str2, /* copy */true) != 0)
+			SAFEPRINTF3(src,"%sfile/%04u.in/%s", cfg.data_dir, from, tp);
+			if(mv(src, dest, /* copy */true) != 0)
 				return false;
 			result = true;
 		}