git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
CVE-2020-28012: Missing close-on-exec flag for privileged pipe
[exim.git]
/
src
/
src
/
filter.c
diff --git
a/src/src/filter.c
b/src/src/filter.c
index 98b6bc3e84a72c57cb5987d036ba213f98fa2b15..3f9f750b68d01a3818e18dfb65ce75924c74af30 100644
(file)
--- a/
src/src/filter.c
+++ b/
src/src/filter.c
@@
-3,6
+3,7
@@
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* See the file NOTICE for conditions of use and distribution. */
@@
-50,7
+51,7
@@
typedef struct condition_block {
/* Miscellaneous other declarations */
static uschar **error_pointer;
/* Miscellaneous other declarations */
static uschar **error_pointer;
-static uschar *log_filename;
+static
const
uschar *log_filename;
static int filter_options;
static int line_number;
static int expect_endif;
static int filter_options;
static int line_number;
static int expect_endif;
@@
-1510,7
+1511,7
@@
switch (c->type)
parse_extract_address(pp, &error, &start, &end, &domain, FALSE);
*p = saveend;
parse_extract_address(pp, &error, &start, &end, &domain, FALSE);
*p = saveend;
- if (filter_thisaddress
!= NULL
)
+ if (filter_thisaddress)
{
if ((filter_test != FTEST_NONE && debug_selector != 0) ||
(debug_selector & D_filter) != 0)
{
if ((filter_test != FTEST_NONE && debug_selector != 0) ||
(debug_selector & D_filter) != 0)
@@
-1667,7
+1668,7
@@
Returns: FF_DELIVERED success, a significant action was taken
static int
interpret_commands(filter_cmd *commands, address_item **generated)
{
static int
interpret_commands(filter_cmd *commands, address_item **generated)
{
-uschar *s;
+
const
uschar *s;
int mode;
address_item *addr;
BOOL condition_value;
int mode;
address_item *addr;
BOOL condition_value;
@@
-1676,7
+1677,7
@@
while (commands)
{
int ff_ret;
uschar *fmsg, *ff_name;
{
int ff_ret;
uschar *fmsg, *ff_name;
- uschar *expargs[MAILARGS_STRING_COUNT];
+
const
uschar *expargs[MAILARGS_STRING_COUNT];
int i, n[2];
int i, n[2];
@@
-1708,7
+1709,7
@@
while (commands)
case add_command:
for (i = 0; i < 2; i++)
{
case add_command:
for (i = 0; i < 2; i++)
{
- uschar *ss = expargs[i];
+
const
uschar *ss = expargs[i];
uschar *end;
if (i == 1 && (*ss++ != 'n' || ss[1] != 0))
uschar *end;
if (i == 1 && (*ss++ != 'n' || ss[1] != 0))
@@
-1747,11
+1748,11
@@
while (commands)
uschar *error;
uschar *ss = parse_extract_address(s, &error, &start, &end, &domain,
FALSE);
uschar *error;
uschar *ss = parse_extract_address(s, &error, &start, &end, &domain,
FALSE);
- if (ss
!= NULL
)
- expargs[i] =
((filter_options & RDO_REWRITE) != 0)?
- rewrite_address(ss, TRUE, FALSE, global_rewrite_rules,
- rewrite_existflags) :
- rewrite_address_qualify(ss, TRUE);
+ if (ss)
+ expargs[i] =
filter_options & RDO_REWRITE
+
?
rewrite_address(ss, TRUE, FALSE, global_rewrite_rules,
+ rewrite_existflags)
+
:
rewrite_address_qualify(ss, TRUE);
else
{
*error_pointer = string_sprintf("malformed address \"%s\" in "
else
{
*error_pointer = string_sprintf("malformed address \"%s\" in "
@@
-1805,9
+1806,8
@@
while (commands)
af_ignore_error flag if necessary, and the errors address, which can be
set in a system filter and to the local address in user filters. */
af_ignore_error flag if necessary, and the errors address, which can be
set in a system filter and to the local address in user filters. */
- addr = deliver_make_addr(expargs[0], TRUE); /* TRUE => copy s */
- addr->prop.errors_address = (s == NULL)?
- s : string_copy(s); /* Default is NULL */
+ addr = deliver_make_addr(US expargs[0], TRUE); /* TRUE => copy s, so deconst ok */
+ addr->prop.errors_address = !s ? NULL : string_copy(s); /* Default is NULL */
if (commands->noerror) addr->prop.ignore_error = TRUE;
addr->next = *generated;
*generated = addr;
if (commands->noerror) addr->prop.ignore_error = TRUE;
addr->next = *generated;
*generated = addr;
@@
-1847,7
+1847,7
@@
while (commands)
af_pfr and af_file flags, the af_ignore_error flag if necessary, and the
mode value. */
af_pfr and af_file flags, the af_ignore_error flag if necessary, and the
mode value. */
- addr = deliver_make_addr(
s, TRUE); /* TRUE => copy s
*/
+ addr = deliver_make_addr(
US s, TRUE); /* TRUE => copy s, so deconst ok
*/
setflag(addr, af_pfr);
setflag(addr, af_file);
if (commands->noerror) addr->prop.ignore_error = TRUE;
setflag(addr, af_pfr);
setflag(addr, af_file);
if (commands->noerror) addr->prop.ignore_error = TRUE;
@@
-1877,7
+1877,7
@@
while (commands)
each command argument is expanded in the transport after the command
has been split up into separate arguments. */
each command argument is expanded in the transport after the command
has been split up into separate arguments. */
- addr = deliver_make_addr(
s, TRUE); /* TRUE => copy s
*/
+ addr = deliver_make_addr(
US s, TRUE); /* TRUE => copy s, so deconst ok
*/
setflag(addr, af_pfr);
setflag(addr, af_expand_pipe);
if (commands->noerror) addr->prop.ignore_error = TRUE;
setflag(addr, af_pfr);
setflag(addr, af_expand_pipe);
if (commands->noerror) addr->prop.ignore_error = TRUE;
@@
-1951,7
+1951,7
@@
while (commands)
(long int)geteuid());
if (log_fd < 0)
{
(long int)geteuid());
if (log_fd < 0)
{
- if (
log_filename == NULL
)
+ if (
!log_filename
)
{
*error_pointer = US"attempt to obey \"logwrite\" command "
"without a previous \"logfile\"";
{
*error_pointer = US"attempt to obey \"logwrite\" command "
"without a previous \"logfile\"";
@@
-1960,7
+1960,7
@@
while (commands)
log_fd = Uopen(log_filename, O_CREAT|O_APPEND|O_WRONLY, log_mode);
if (log_fd < 0)
{
log_fd = Uopen(log_filename, O_CREAT|O_APPEND|O_WRONLY, log_mode);
if (log_fd < 0)
{
- *error_pointer = string_open_failed(
errno,
"filter log file \"%s\"",
+ *error_pointer = string_open_failed("filter log file \"%s\"",
log_filename);
return FF_ERROR;
}
log_filename);
return FF_ERROR;
}
@@
-1974,9
+1974,8
@@
while (commands)
}
}
else
}
}
else
- {
- DEBUG(D_filter) debug_printf_indent("skipping logwrite (verifying or testing)\n");
- }
+ DEBUG(D_filter)
+ debug_printf_indent("skipping logwrite (verifying or testing)\n");
break;
/* Header addition and removal is available only in the system filter. The
break;
/* Header addition and removal is available only in the system filter. The
@@
-2007,18
+2006,16
@@
while (commands)
else if (subtype == FALSE)
{
int sep = 0;
else if (subtype == FALSE)
{
int sep = 0;
- uschar *ss;
- const uschar *list = s;
- uschar buffer[128];
- while ((ss = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))
- != NULL)
+ const uschar * list = s;
+
+ for (uschar * ss; ss = string_nextinlist(&list, &sep, NULL, 0); )
header_remove(0, ss);
}
/* This setting lasts only while the filter is running; on exit, the
variable is reset to the previous value. */
header_remove(0, ss);
}
/* This setting lasts only while the filter is running; on exit, the
variable is reset to the previous value. */
- else headers_charset = s;
+ else headers_charset = s;
/*XXX loses track of const */
}
break;
}
break;
@@
-2042,7
+2039,7
@@
while (commands)
ff_ret = FF_FREEZE;
DEFERFREEZEFAIL:
ff_ret = FF_FREEZE;
DEFERFREEZEFAIL:
- fmsg = expargs[0];
+ fmsg = expargs[0];
/*XXX loses track of const */
if (Ustrlen(fmsg) > 1024) Ustrcpy(fmsg + 1000, US" ... (truncated)");
fmsg = US string_printing(fmsg);
*error_pointer = fmsg;
if (Ustrlen(fmsg) > 1024) Ustrcpy(fmsg + 1000, US" ... (truncated)");
fmsg = US string_printing(fmsg);
*error_pointer = fmsg;
@@
-2125,7
+2122,7
@@
while (commands)
for (i = 0; i < MAILARGS_STRING_COUNT; i++)
{
uschar *p;
for (i = 0; i < MAILARGS_STRING_COUNT; i++)
{
uschar *p;
- uschar *s = expargs[i];
+
const
uschar *s = expargs[i];
if (s == NULL) continue;
if (s == NULL) continue;
@@
-2179,7
+2176,7
@@
while (commands)
/* The string is OK */
/* The string is OK */
- commands->args[i].u = s;
+ commands->args[i].u = s;
/*XXX loses track of const */
}
/* Proceed with mail or vacation command */
}
/* Proceed with mail or vacation command */
@@
-2367,8
+2364,9
@@
Returns: TRUE if the message is deemed to be personal
BOOL
filter_personal(string_item *aliases, BOOL scan_cc)
{
BOOL
filter_personal(string_item *aliases, BOOL scan_cc)
{
-uschar *self, *self_from, *self_to;
-uschar *psself = NULL, *psself_from = NULL, *psself_to = NULL;
+const uschar *self, *self_from, *self_to;
+uschar *psself = NULL;
+const uschar *psself_from = NULL, *psself_to = NULL;
rmark reset_point = store_mark();
BOOL yield;
header_line *h;
rmark reset_point = store_mark();
BOOL yield;
header_line *h;
@@
-2386,12
+2384,11
@@
Previously the test was for "auto-". */
for (h = header_list; h; h = h->next)
{
for (h = header_list; h; h = h->next)
{
- uschar *s;
if (h->type == htype_old) continue;
if (strncmpic(h->text, US"List-", 5) == 0)
{
if (h->type == htype_old) continue;
if (strncmpic(h->text, US"List-", 5) == 0)
{
- s = h->text + 5;
+
uschar *
s = h->text + 5;
if (strncmpic(s, US"Id:", 3) == 0 ||
strncmpic(s, US"Help:", 5) == 0 ||
strncmpic(s, US"Subscribe:", 10) == 0 ||
if (strncmpic(s, US"Id:", 3) == 0 ||
strncmpic(s, US"Help:", 5) == 0 ||
strncmpic(s, US"Subscribe:", 10) == 0 ||
@@
-2404,12
+2401,12
@@
for (h = header_list; h; h = h->next)
else if (strncmpic(h->text, US"Auto-submitted:", 15) == 0)
{
else if (strncmpic(h->text, US"Auto-submitted:", 15) == 0)
{
- s = h->text + 15;
-
while (isspace(*s)) s++
;
+
uschar *
s = h->text + 15;
+
Uskip_whitespace(&s)
;
if (strncmpic(s, US"no", 2) != 0) return FALSE;
s += 2;
if (strncmpic(s, US"no", 2) != 0) return FALSE;
s += 2;
-
while (isspace(*s)) s++
;
- if (*s
!= 0
) return FALSE;
+
Uskip_whitespace(&s)
;
+ if (*s) return FALSE;
}
}
}
}
@@
-2422,18
+2419,18
@@
self_to = rewrite_one(self, rewrite_to, NULL, FALSE, US"",
global_rewrite_rules);
global_rewrite_rules);
-if (
self_from == NULL
) self_from = self;
-if (self_to
== NULL
) self_to = self;
+if (
!self_from
) self_from = self;
+if (self_to) self_to = self;
/* If there's a prefix or suffix set, we must include the prefixed/
suffixed version of the local part in the tests. */
/* If there's a prefix or suffix set, we must include the prefixed/
suffixed version of the local part in the tests. */
-if (deliver_localpart_prefix
!= NULL || deliver_localpart_suffix != NULL
)
+if (deliver_localpart_prefix
|| deliver_localpart_suffix
)
{
psself = string_sprintf("%s%s%s@%s",
{
psself = string_sprintf("%s%s%s@%s",
-
(deliver_localpart_prefix == NULL)? US"" : deliver_localpart_prefix
,
+
deliver_localpart_prefix ? deliver_localpart_prefix : US""
,
deliver_localpart,
deliver_localpart,
-
(deliver_localpart_suffix == NULL)? US"" : deliver_localpart_suffix
,
+
deliver_localpart_suffix ? deliver_localpart_suffix : US""
,
deliver_domain);
psself_from = rewrite_one(psself, rewrite_from, NULL, FALSE, US"",
global_rewrite_rules);
deliver_domain);
psself_from = rewrite_one(psself, rewrite_from, NULL, FALSE, US"",
global_rewrite_rules);