Merge branch 'hs/taintwarn'

[exim.git] / src / src / parse.c

diff --git a/src/src/parse.c b/src/src/parse.c
index e0470c86f51236265d9ba67b671e420c34b77112..896d00f30bdfe41b74eb1df5f3d77f734e792030 100644 (file)
--- a/src/src/parse.c
+++ b/src/src/parse.c
@@ -984,12 +984,12 @@ if (i < len)
 
 /* No non-printers; use the RFC 822 quoting rules */
 
-if (!len)
+if (len <= 0 || len >= INT_MAX/4)
   {
-  return string_copy_taint(US"", is_tainted(phrase));
+  return string_copy_taint(CUS"", is_tainted(phrase));
   }
 
-buffer = store_get(len*4, is_tainted(phrase));
+buffer = store_get((len+1)*4, is_tainted(phrase));
 
 s = phrase;
 end = s + len;
@@ -1415,12 +1415,8 @@ for (;;)
       return FF_ERROR;
       }
 
-    if (is_tainted(filename))
-      {
-      *error = string_sprintf("Tainted name '%s' for included file  not permitted\n",
-       filename);
+    if ((*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename)))
       return FF_ERROR;
-      }
 
     /* Check file name if required */