deliver

[exim.git] / src / src / rda.c

diff --git a/src/src/rda.c b/src/src/rda.c
index 5615b64d5b893edb93f0e0c5686b31d0e1dbba58..3b458430afe35e29206f87e1bb2f26a508d48b1d 100644 (file)
--- a/src/src/rda.c
+++ b/src/src/rda.c
@@ -179,10 +179,8 @@ struct stat statbuf;
 /* Reading a file is a form of expansion; we wish to deny attackers the
 capability to specify the file name. */
 
-if (is_tainted(filename))
+if (*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename))
   {
-  *error = string_sprintf("Tainted name '%s' for file read not permitted\n",
-                       filename);
   *yield = FF_ERROR;
   return NULL;
   }
@@ -618,9 +616,14 @@ search_tidyup();
 if ((pid = exim_fork(US"router-interpret")) == 0)
   {
   header_line *waslast = header_last;   /* Save last header */
+  int fd_flags = -1;
 
   fd = pfd[pipe_write];
   (void)close(pfd[pipe_read]);
+
+  if ((fd_flags = fcntl(fd, F_GETFD)) == -1) goto bad;
+  if (fcntl(fd, F_SETFD, fd_flags | FD_CLOEXEC) == -1) goto bad;
+
   exim_setugid(ugid->uid, ugid->gid, FALSE, rname);
 
   /* Addresses can get rewritten in filters; if we are not root or the exim