git://git.exim.org / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Track tainted data and refuse to expand it
[exim.git] / src / src / routers / iplookup.c
diff --git a/src/src/routers/iplookup.c b/src/src/routers/iplookup.c
index 13849f9f1e48370a7b3a548f0ad5595f809a86f2..4ceb1f59a2fa08158dd02bfcce4a479a42dc1d61 100644 (file)
--- a/src/src/routers/iplookup.c
+++ b/src/src/routers/iplookup.c
@@ -160,7 +160,7 @@ uschar *reply;
 uschar *hostname, *reroute, *domain;
 const uschar *listptr;
 uschar host_buffer[256];
-host_item *host = store_get(sizeof(host_item));
+host_item *host = store_get(sizeof(host_item), FALSE);
 address_item *new_addr;
 iplookup_router_options_block *ob =
   (iplookup_router_options_block *)(rblock->options_block);
@@ -176,7 +176,7 @@ pw = pw;
 DEBUG(D_route) debug_printf("%s router called for %s: domain = %s\n",
   rblock->name, addr->address, addr->domain);
 
-reply = store_get(256);
+reply = store_get(256, TRUE);  /* tainted data */
 
 /* Build the query string to send. If not explicitly given, a default of
 "user@domain user@domain" is used. */
Master Exim source repository