SECURITY: off-by-one in smtp transport (read response)

[exim.git] / src / src / log.c

diff --git a/src/src/log.c b/src/src/log.c
index 99eba5f905971c5c80bfb6b8e65ae92aa08e9a85..2cf578069d780002d56b9a2a0d18122f77113e90 100644 (file)
--- a/src/src/log.c
+++ b/src/src/log.c
@@ -105,7 +105,8 @@ static const uschar * exim_errstrings[] = {
   US"Negotiation failed for proxy configured host",
   US"Authenticator 'other' failure",
   US"target not supporting SMTPUTF8",
-  US"",
+  US"host is local",
+  US"tainted filename",
 
   US"Not time for routing",
   US"Not time for local delivery",
@@ -402,18 +403,20 @@ it gets statted to see if it has been cycled. With a datestamp, the datestamp
 will be compared. The static slot for saving it is the same size as buffer,
 and the text has been checked above to fit, so this use of strcpy() is OK. */
 
-if (type == lt_main && string_datestamp_offset >= 0)
+if (type == lt_main)
   {
   Ustrcpy(mainlog_name, buffer);
-  mainlog_datestamp = mainlog_name + string_datestamp_offset;
+  if (string_datestamp_offset > 0)
+    mainlog_datestamp = mainlog_name + string_datestamp_offset;
   }
 
 /* Ditto for the reject log */
 
-else if (type == lt_reject && string_datestamp_offset >= 0)
+else if (type == lt_reject)
   {
   Ustrcpy(rejectlog_name, buffer);
-  rejectlog_datestamp = rejectlog_name + string_datestamp_offset;
+  if (string_datestamp_offset > 0)
+    rejectlog_datestamp = rejectlog_name + string_datestamp_offset;
   }
 
 /* and deal with the debug log (which keeps the datestamp, but does not
@@ -1188,10 +1191,7 @@ if (flags & LOG_PANIC)
     panic_recurseflag = FALSE;
 
     if (panic_save_buffer)
-      {
-      int i = write(paniclogfd, panic_save_buffer, Ustrlen(panic_save_buffer));
-      i = i;   /* compiler quietening */
-      }
+      (void) write(paniclogfd, panic_save_buffer, Ustrlen(panic_save_buffer));
 
     written_len = write_to_fd_buf(paniclogfd, g->s, g->ptr);
     if (written_len != g->ptr)