Merge branch 'hs/taintwarn'

[exim.git] / src / src / directory.c

diff --git a/src/src/directory.c b/src/src/directory.c
index 64dfac833a728e4c66d4529f03f53db17e762a48..3273eb89b066a23f8ed35dbc7f7f0b3f4e5434f0 100644 (file)
--- a/src/src/directory.c
+++ b/src/src/directory.c
@@ -3,7 +3,7 @@
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2009 */
-/* Copyright (c) The Exim Maintainers 2017 */
+/* Copyright (c) The Exim Maintainers 2010 - 2018 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 #include "exim.h"
@@ -44,6 +44,9 @@ uschar c = 1;
 struct stat statbuf;
 uschar * path;
 
+if (is_tainted2(name, LOG_MAIN|LOG_PANIC, "Tainted path '%s' for new directory", name))
+  { p = US"create"; path = US name; errno = EACCES; goto bad; }
+
 if (parent)
   {
   path = string_sprintf("%s%s%s", parent, US"/", name);
@@ -69,7 +72,7 @@ while (c && *p)
 
     /* Set the ownership if necessary. */
 
-    if (use_chown && Uchown(path, exim_uid, exim_gid))
+    if (use_chown && exim_chown(path, exim_uid, exim_gid))
       { p = US"set owner on"; goto bad; }
 
     /* It appears that any mode bits greater than 0777 are ignored by
@@ -85,7 +88,7 @@ return TRUE;
 
 bad:
   if (panic) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
-    "Failed to %s directory \"%s\": %s\n", p, path, strerror(errno));
+    "Failed to %s directory \"%s\": %s\n", p, path, exim_errstr(errno));
   return FALSE;
 }