Don't phishcheck email addresses (bb #2067).

To avoid false positives.

ChangeLog

@@ -1,3 +1,7 @@
+Mon Jul 26 13:16:07 EEST 2010 (edwin)
+-------------------------------------
+ * libclamav/phishcheck.c: don't phishcheck email addresses (bb #2067)
+
 Mon Jul 26 12:55:20 EEST 2010 (edwin)
 ------------------------------------
  * clamd/session.c: treat MULTISCAN as CONTSCAN on non-directories (bb #1869).

libclamav/phishcheck.c

@@ -1000,6 +1000,7 @@ static int isURL(char* URL, int accept_anyproto)
 {
 	char *last_tld_end = NULL, *q;
 	const char *start = NULL, *p, *end;
+	int has_proto = 0;
 	if(!URL)
 		return 0;
 
@@ -1035,6 +1036,7 @@ static int isURL(char* URL, int accept_anyproto)
 				start++;
 			} else
 			    start++;
+			has_proto = 1;
 		}
 		else
 			start = URL; /* scheme invalid */
@@ -1044,6 +1046,16 @@ static int isURL(char* URL, int accept_anyproto)
 	end = strchr(p, '/');
 	if (!end)
 		end = p + strlen(p);
+
+	if (!has_proto && (q = memchr(p, '@', end-p))) {
+	    /* don't phishcheck if displayed URL is email, but do phishcheck if
+	     * foo.TLD@host is used */
+	    const char *q2 = q-1;
+	    while (q2 > p && *q2 != '.') q2--;
+	    if (q2 == p || !in_tld_set(q2+1, q-q2-1))
+		return 0;
+	}
+
 	do {
 		q = strchr(p, '.');
 		if (q > end)

unit_tests/check_regex.c

@@ -177,6 +177,9 @@ static const struct rtest {
 		      3 - blacklisted if 2nd db is loaded,
 		      4 - invalid regex*/
 } rtests[] = {
+        {NULL,"http://fake.example.com", "http://foo@key.com/", 0},
+	{NULL,"http://fake.example.com", "foo.example.com@key.com", 0},
+	{NULL,"http://fake.example.com", "foo@key.com", 2},
 	{NULL,"http://fake.example.com","=====key.com",0},
 	{NULL,"http://key.com","=====key.com",2},
 	{NULL," http://key.com","=====key.com",2},