Revert introduction of alloc_insecure_tainted_data

[exim.git] / src / src / smtp_out.c

diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c
index 9547c4b81667d7a0221d5ac1c48d10a4d5028acc..06f6ce29ccbe05d5c4ba546b9905ba9ccd0b680d 100644 (file)
--- a/src/src/smtp_out.c
+++ b/src/src/smtp_out.c
@@ -53,8 +53,11 @@ if (!(expint = expand_string(istring)))
   return FALSE;
   }
 
-if (is_tainted2(expint, LOG_MAIN|LOG_PANIC, "Tainted value '%s' from '%s' for interface", expint, istring))
+if (is_tainted(expint))
   {
+  log_write(0, LOG_MAIN|LOG_PANIC,
+    "attempt to use tainted value '%s' from '%s' for interface",
+    expint, istring);
   addr->transport_return = PANIC;
   addr->message = string_sprintf("failed to expand \"interface\" "
       "option for %s: configuration error", msg);
@@ -283,7 +286,7 @@ const blob * fastopen_blob = NULL;
 #ifndef DISABLE_EVENT
 deliver_host_address = host->address;
 deliver_host_port = port;
-if (event_raise(tb->event_action, US"tcp:connect", NULL)) return -1;
+if (event_raise(tb->event_action, US"tcp:connect", NULL, &errno)) return -1;
 #endif
 
 if ((sock = ip_socket(SOCK_STREAM, host_af)) < 0) return -1;
@@ -475,7 +478,7 @@ if (ob->socks_proxy)
   {
   int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
                                sc->tblock, ob->connect_timeout);
-
+  
   if (sock >= 0)
     {
     if (early_data && early_data->data && early_data->len)
@@ -524,13 +527,21 @@ flush_buffer(smtp_outblock * outblock, int mode)
 int rc;
 int n = outblock->ptr - outblock->buffer;
 BOOL more = mode == SCMD_MORE;
+client_conn_ctx * cctx;
 
 HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
   more ? " (more expected)" : "");
 
+if (!(cctx = outblock->cctx))
+  {
+  log_write(0, LOG_MAIN|LOG_PANIC, "null conn-context pointer");
+  errno = 0;
+  return FALSE;
+  }
+
 #ifndef DISABLE_TLS
-if (outblock->cctx->tls_ctx)
-  rc = tls_write(outblock->cctx->tls_ctx, outblock->buffer, n, more);
+if (cctx->tls_ctx)             /*XXX have seen a null cctx here, rvfy sending QUIT, hence check above */
+  rc = tls_write(cctx->tls_ctx, outblock->buffer, n, more);
 else
 #endif
 
@@ -544,7 +555,7 @@ else
     requirement: TFO with data can, in rare cases, replay the data to the
     receiver. */
 
-    if (  (outblock->cctx->sock = smtp_connect(outblock->conn_args, &early_data))
+    if (  (cctx->sock = smtp_connect(outblock->conn_args, &early_data))
        < 0)
       return FALSE;
     outblock->conn_args = NULL;
@@ -552,7 +563,7 @@ else
     }
   else
     {
-    rc = send(outblock->cctx->sock, outblock->buffer, n,
+    rc = send(cctx->sock, outblock->buffer, n,
 #ifdef MSG_MORE
              more ? MSG_MORE : 0
 #else
@@ -567,7 +578,7 @@ else
     https://bugzilla.redhat.com/show_bug.cgi?id=1803806 */
 
     if (!more)
-      setsockopt(outblock->cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
+      setsockopt(cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
 #endif
     }
   }