Track tainted data and refuse to expand it

[exim.git] / src / src / retry.c

diff --git a/src/src/retry.c b/src/src/retry.c
index 509de123c6a799bd31990a2ea6561b53acc244a5..d068f547d386f18beb1fee762ffc8a7a10cfcbde 100644 (file)
--- a/src/src/retry.c
+++ b/src/src/retry.c
@@ -291,7 +291,7 @@ Returns:  nothing
 void
 retry_add_item(address_item *addr, uschar *key, int flags)
 {
-retry_item *rti = store_get(sizeof(retry_item));
+retry_item *rti = store_get(sizeof(retry_item), FALSE);
 host_item * host = addr->host_used;
 
 rti->next = addr->retries;
@@ -666,7 +666,8 @@ for (int i = 0; i < 3; i++)
 
         if (!retry_record)
           {
-          retry_record = store_get(sizeof(dbdata_retry) + message_length);
+          retry_record = store_get(sizeof(dbdata_retry) + message_length,
+                                  is_tainted(message));
           message_space = message_length;
           retry_record->first_failed = now;
           retry_record->last_try = now;
@@ -810,7 +811,7 @@ for (int i = 0; i < 3; i++)
 
         if (message_length > message_space)
           {
-          dbdata_retry *newr = store_get(sizeof(dbdata_retry) + message_length);
+          dbdata_retry *newr = store_get(sizeof(dbdata_retry) + message_length, FALSE);
           memcpy(newr, retry_record, sizeof(dbdata_retry));
           retry_record = newr;
           }