CVE-2020-28014, CVE-2021-27216: PID file handling

[exim.git] / src / src / exim.c

diff --git a/src/src/exim.c b/src/src/exim.c
index d6f0c08f742ef44b13eff16228a51597fb6d0a14..49ba9e728b62f17a3a8bb8a2535935b11d560430 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -761,7 +761,7 @@ exit(EXIT_FAILURE);
 }
 
 /* fail if a length is too long */
-static void
+static inline void
 exim_len_fail_toolong(int itemlen, int maxlen, const char *description)
 {
 if (itemlen <= maxlen)
@@ -772,7 +772,7 @@ exit(EXIT_FAILURE);
 }
 
 /* only pass through the string item back to the caller if it's short enough */
-static const uschar *
+static inline const uschar *
 exim_str_fail_toolong(const uschar *item, int maxlen, const char *description)
 {
 exim_len_fail_toolong(Ustrlen(item), maxlen, description);
@@ -3256,6 +3256,10 @@ on the second character (the one after '-'), to save some effort. */
         -oPX:       delete pid file of daemon */
 
       case 'P':
+       if (!f.running_in_test_harness && real_uid != root_uid && real_uid != exim_uid)
+         exim_fail("exim: only uid=%d or uid=%d can use -oP and -oPX "
+                    "(uid=%d euid=%d | %d)\n",
+                    root_uid, exim_uid, getuid(), geteuid(), real_uid);
        if (!*argrest) override_pid_file_path = argv[++i];
        else if (Ustrcmp(argrest, "X") == 0) delete_pid_file();
        else badarg = TRUE;