git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tidying
[exim.git]
/
src
/
src
/
dns.c
diff --git
a/src/src/dns.c
b/src/src/dns.c
index 490eb883d3d53eaf85f33063fd2e7bf148e37c43..4e01d8661271948ad1b75b2378d7eb9554a28598 100644
(file)
--- a/
src/src/dns.c
+++ b/
src/src/dns.c
@@
-2,9
+2,10
@@
* Exim - an Internet mail transport agent *
*************************************************/
* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Functions for interfacing with the DNS. */
/* Functions for interfacing with the DNS. */
@@
-258,7
+259,7
@@
else
{
int v6[4];
{
int v6[4];
- g = string_get_tainted(32,
is_tainted(string)
);
+ g = string_get_tainted(32,
string
);
(void)host_aton(string, v6);
/* The original specification for IPv6 reverse lookup was to invert each
(void)host_aton(string, v6);
/* The original specification for IPv6 reverse lookup was to invert each
@@
-637,7
+638,7
@@
if ((previous = tree_search(tree_dns_fails, node_name)))
e = previous->data.ptr;
else
{
e = previous->data.ptr;
else
{
- e = store_get_perm(DNS_FAILNODE_SIZE,
is_tainted(name)
);
+ e = store_get_perm(DNS_FAILNODE_SIZE,
name
);
new = (void *)(e+1);
dns_fail_tag(new->name, name, type);
new->data.ptr = e;
new = (void *)(e+1);
dns_fail_tag(new->name, name, type);
new->data.ptr = e;
@@
-850,11
+851,8
@@
more.) */
if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT)
{
if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT)
{
- int ovector[3*(EXPAND_MAXN+1)];
-
dns_pattern_init();
dns_pattern_init();
- if (pcre_exec(regex_check_dns_names, NULL, CCS name, Ustrlen(name),
- 0, PCRE_EOPT, ovector, nelem(ovector)) < 0)
+ if (!regex_match(regex_check_dns_names, name, -1, NULL))
{
DEBUG(D_dns)
debug_printf("DNS name syntax check failed: %s (%s)\n", name,
{
DEBUG(D_dns)
debug_printf("DNS name syntax check failed: %s (%s)\n", name,
@@
-1068,7
+1066,7
@@
for (int i = 0; i <= dns_cname_loops; i++)
return DNS_FAIL;
/* DNS data comes from the outside, hence tainted */
return DNS_FAIL;
/* DNS data comes from the outside, hence tainted */
- data = store_get(256,
TRUE
);
+ data = store_get(256,
GET_TAINTED
);
if (dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256) < 0)
return DNS_FAIL;
if (dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, 256) < 0)
return DNS_FAIL;
@@
-1151,7
+1149,7
@@
switch (type)
case T_CSA:
{
uschar *srvname, *namesuff, *tld;
case T_CSA:
{
uschar *srvname, *namesuff, *tld;
- int priority, weight, port;
+ int priority,
dummy_
weight, port;
int limit, rc, i;
BOOL ipv6;
dns_record *rr;
int limit, rc, i;
BOOL ipv6;
dns_record *rr;
@@
-1240,7
+1238,7
@@
switch (type)
/* Extract the numerical SRV fields (p is incremented) */
GETSHORT(priority, p);
/* Extract the numerical SRV fields (p is incremented) */
GETSHORT(priority, p);
- GETSHORT(weight, p);
+ GETSHORT(
dummy_
weight, p);
GETSHORT(port, p);
/* Check the CSA version number */
GETSHORT(port, p);
/* Check the CSA version number */
@@
-1296,7
+1294,7
@@
if (rr->type == T_A)
if (p + 4 <= dnsa_lim)
{
/* the IP is not regarded as tainted */
if (p + 4 <= dnsa_lim)
{
/* the IP is not regarded as tainted */
- yield = store_get(sizeof(dns_address) + 20,
FALSE
);
+ yield = store_get(sizeof(dns_address) + 20,
GET_UNTAINTED
);
(void)sprintf(CS yield->address, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
yield->next = NULL;
}
(void)sprintf(CS yield->address, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
yield->next = NULL;
}
@@
-1310,7
+1308,7
@@
else
{
struct in6_addr in6;
for (int i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
{
struct in6_addr in6;
for (int i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
- yield = store_get(sizeof(dns_address) + 50,
FALSE
);
+ yield = store_get(sizeof(dns_address) + 50,
GET_UNTAINTED
);
inet_ntop(AF_INET6, &in6, CS yield->address, 50);
yield->next = NULL;
}
inet_ntop(AF_INET6, &in6, CS yield->address, 50);
yield->next = NULL;
}
@@
-1327,7
+1325,7
@@
dns_pattern_init(void)
{
if (check_dns_names_pattern[0] != 0 && !regex_check_dns_names)
regex_check_dns_names =
{
if (check_dns_names_pattern[0] != 0 && !regex_check_dns_names)
regex_check_dns_names =
- regex_must_compile(check_dns_names_pattern,
FALSE
, TRUE);
+ regex_must_compile(check_dns_names_pattern,
MCS_NOFLAGS
, TRUE);
}
/* vi: aw ai sw=2
}
/* vi: aw ai sw=2