Check query strings of query-style lookups for quoting. Bug 2850

[exim.git] / src / src / auths / pwcheck.c

diff --git a/src/src/auths/pwcheck.c b/src/src/auths/pwcheck.c
index 54ba80f92ab9881e92c1ffde53e1ed7a2786b56b..f2188bb6a3428a797962d3c882528eadaac7ce66 100644 (file)
--- a/src/src/auths/pwcheck.c
+++ b/src/src/auths/pwcheck.c
@@ -86,8 +86,6 @@ int pwcheck_verify_password(const char *userid,
                             const char *passwd,
                             const char **reply)
 {
-userid = userid;  /* Keep picky compilers happy */
-passwd = passwd;
 *reply = "pwcheck support is not included in this Exim binary";
 return PWCHECK_FAIL;
 }
@@ -163,10 +161,6 @@ int saslauthd_verify_password(const uschar *userid,
                 const uschar *realm,
                 const uschar **reply)
 {
-userid = userid;  /* Keep picky compilers happy */
-passwd = passwd;
-service = service;
-realm = realm;
 *reply = US"saslauthd support is not included in this Exim binary";
 return PWCHECK_FAIL;
 }
@@ -296,7 +290,8 @@ static int read_string(int fd, uschar **retval) {
         if (count > MAX_REQ_LEN) {
             return -1;
         } else {
-            *retval = store_get(count + 1);
+           /* Assume the file is trusted, so no tainting */
+            *retval = store_get(count + 1, GET_UNTAINTED);
             rc = (retry_read(fd, *retval, count) < (int) count);
             (*retval)[count] = '\0';
             return count;