taint SNI values supplied by client

[exim.git] / src / src / deliver.c

diff --git a/src/src/deliver.c b/src/src/deliver.c
index 05494dd8b74b52eb3c04d0e7eeb110e6d403aa18..a82a04f42a27d7cb2b011786cf575bdb363969df 100644 (file)
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -107,21 +107,21 @@ Returns:      the amount of bytes read
 static ssize_t
 readn(int fd, void * buffer, size_t len)
 {
-  void * next = buffer;
-  void * end = buffer + len;
+uschar * next = buffer;
+uschar * end = next + len;
 
-  while (next < end)
-    {
-    ssize_t got = read(fd, next, end - next);
+while (next < end)
+  {
+  ssize_t got = read(fd, next, end - next);
 
-    /* I'm not sure if there are signals that can interrupt us,
-    for now I assume the worst */
-    if (got == -1 && errno == EINTR) continue;
-    if (got <= 0) return next - buffer;
-    next += got;
-    }
+  /* I'm not sure if there are signals that can interrupt us,
+  for now I assume the worst */
+  if (got == -1 && errno == EINTR) continue;
+  if (got <= 0) return next - US buffer;
+  next += got;
+  }
 
-  return len;
+return len;
 }
 
 
@@ -4794,7 +4794,6 @@ all pipes, so I do not see a reason to use non-blocking IO here
     for(; addr; addr = addr->next)
       {
       uschar *ptr;
-      retry_item *r;
 
       /* The certificate verification status goes into the flags */
       if (tls_out.certificate_verified) setflag(addr, af_cert_verified);
@@ -4894,7 +4893,7 @@ all pipes, so I do not see a reason to use non-blocking IO here
 
       /* Retry information: for most success cases this will be null. */
 
-      for (r = addr->retries; r; r = r->next)
+      for (retry_item * r = addr->retries; r; r = r->next)
         {
         sprintf(CS big_buffer, "%c%.500s", r->flags, r->key);
         ptr = big_buffer + Ustrlen(big_buffer+2) + 3;