* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Thanks to Paul Kelly for contributing the original code for these
functions. */
/* Get store for a new handle, initialize it, and connect to the server */
- mysql_handle = store_get(sizeof(MYSQL), FALSE);
+ mysql_handle = store_get(sizeof(MYSQL), GET_UNTAINTED);
mysql_init(mysql_handle);
mysql_options(mysql_handle, MYSQL_READ_DEFAULT_GROUP, CS group);
if (mysql_real_connect(mysql_handle,
/* Add the connection to the cache */
- cn = store_get(sizeof(mysql_connection), FALSE);
+ cn = store_get(sizeof(mysql_connection), GET_UNTAINTED);
cn->server = server_copy;
cn->handle = mysql_handle;
cn->next = mysql_connections;
{
DEBUG(D_lookup) debug_printf_indent("MYSQL: query was not one that returns data\n");
result = string_cat(result,
- string_sprintf("%d", mysql_affected_rows(mysql_handle)));
+ string_sprintf("%lld", mysql_affected_rows(mysql_handle)));
*do_cache = 0;
goto MYSQL_EXIT;
}
while ((mysql_row_data = mysql_fetch_row(mysql_result)))
{
- unsigned long *lengths = mysql_fetch_lengths(mysql_result);
+ unsigned long * lengths = mysql_fetch_lengths(mysql_result);
if (result)
result = string_catn(result, US"\n", 1);
result);
else if (mysql_row_data[0] != NULL) /* NULL value yields nothing */
- result = string_catn(result, US mysql_row_data[0], lengths[0]);
+ result = lengths[0] == 0 && !result
+ ? string_get(1) /* for 0-len string result ensure non-null gstring */
+ : string_catn(result, US mysql_row_data[0], lengths[0]);
}
/* more results? -1 = no, >0 = error, 0 = yes (keep looping)
Arguments:
s the string to be quoted
opt additional option text or NULL if none
+ idx lookup type index
Returns: the processed string or NULL for a bad option
*/
static uschar *
-mysql_quote(uschar *s, uschar *opt)
+mysql_quote(uschar * s, uschar * opt, unsigned idx)
{
-register int c;
-int count = 0;
-uschar *t = s;
-uschar *quoted;
+int c, count = 0;
+uschar * t = s, * quoted;
-if (opt != NULL) return NULL; /* No options recognized */
+if (opt) return NULL; /* No options recognized */
-while ((c = *t++) != 0)
+while ((c = *t++))
if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++;
-if (count == 0) return s;
-t = quoted = store_get(Ustrlen(s) + count + 1, is_tainted(s));
+/* Old code: if (count == 0) return s;
+Now always allocate and copy, to track the quoted status. */
-while ((c = *s++) != 0)
+t = quoted = store_get_quoted(Ustrlen(s) + count + 1, s, idx);
+
+while ((c = *s++))
{
if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL)
{
*t++ = '\\';
switch(c)
{
- case '\n': *t++ = 'n';
- break;
- case '\t': *t++ = 't';
- break;
- case '\r': *t++ = 'r';
- break;
- case '\b': *t++ = 'b';
- break;
- default: *t++ = c;
- break;
+ case '\n': *t++ = 'n'; break;
+ case '\t': *t++ = 't'; break;
+ case '\r': *t++ = 'r'; break;
+ case '\b': *t++ = 'b'; break;
+ default: *t++ = c; break;
}
}
else *t++ = c;
#include "../version.h"
-void
-mysql_version_report(FILE *f)
+gstring *
+mysql_version_report(gstring * g)
{
-fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n"
- " Runtime: %lu %s\n",
+g = string_fmt_append(g,
+ "Library version: MySQL: Compile: %lu %s [%s]\n"
+ " Runtime: %lu %s\n",
(long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR,
mysql_get_client_version(), mysql_get_client_info());
#ifdef DYNLOOKUP
-fprintf(f, " Exim version %s\n", EXIM_VERSION_STR);
+g = string_fmt_append(g,
+ " Exim version %s\n", EXIM_VERSION_STR);
#endif
+return g;
}
/* These are the lookup_info blocks for this driver */
static lookup_info mysql_lookup_info = {
- US"mysql", /* lookup name */
- lookup_querystyle, /* query-style lookup */
- mysql_open, /* open function */
- NULL, /* no check function */
- mysql_find, /* find function */
- NULL, /* no close function */
- mysql_tidy, /* tidy function */
- mysql_quote, /* quoting function */
- mysql_version_report /* version reporting */
+ .name = US"mysql", /* lookup name */
+ .type = lookup_querystyle, /* query-style lookup */
+ .open = mysql_open, /* open function */
+ .check = NULL, /* no check function */
+ .find = mysql_find, /* find function */
+ .close = NULL, /* no close function */
+ .tidy = mysql_tidy, /* tidy function */
+ .quote = mysql_quote, /* quoting function */
+ .version_report = mysql_version_report /* version reporting */
};
#ifdef DYNLOOKUP