git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Taint enforce: directory open backstops, single-key search filename
[exim.git]
/
src
/
src
/
lookups
/
dsearch.c
diff --git
a/src/src/lookups/dsearch.c
b/src/src/lookups/dsearch.c
index c27f5d6e65203f9d01d984012ab3566c067bb997..3a0df303b6fe124316788842397c1406420e414b 100644
(file)
--- a/
src/src/lookups/dsearch.c
+++ b/
src/src/lookups/dsearch.c
@@
-27,8
+27,8
@@
actually scanning through the list of files. */
static void *
dsearch_open(uschar *dirname, uschar **errmsg)
{
static void *
dsearch_open(uschar *dirname, uschar **errmsg)
{
-DIR *
dp = opendir(CS
dirname);
-if (
dp == NULL
)
+DIR *
dp = exim_opendir(
dirname);
+if (
!dp
)
{
int save_errno = errno;
*errmsg = string_open_failed(errno, "%s for directory search", dirname);
{
int save_errno = errno;
*errmsg = string_open_failed(errno, "%s for directory search", dirname);
@@
-47,8
+47,8
@@
return (void *)(-1);
/* The handle will always be (void *)(-1), but don't try casting it to an
integer as this gives warnings on 64-bit systems. */
/* The handle will always be (void *)(-1), but don't try casting it to an
integer as this gives warnings on 64-bit systems. */
-BOOL
-
static
dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners,
+
static
BOOL
+dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners,
gid_t *owngroups, uschar **errmsg)
{
handle = handle;
gid_t *owngroups, uschar **errmsg)
{
handle = handle;
@@
-87,7
+87,9
@@
if (Ustrchr(keystring, '/') != 0)
filename = string_sprintf("%s/%s", dirname, keystring);
if (Ulstat(filename, &statbuf) >= 0)
{
filename = string_sprintf("%s/%s", dirname, keystring);
if (Ulstat(filename, &statbuf) >= 0)
{
- *result = string_copy(keystring);
+ /* Since the filename exists in the filesystem, we can return a
+ non-tainted result. */
+ *result = string_copy_taint(keystring, FALSE);
return OK;
}
return OK;
}