* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 - 2021 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Functions for parsing addresses */
#ifdef STAND_ALONE
-address_item *deliver_make_addr(uschar *address, BOOL copy)
+address_item *
+deliver_make_addr(uschar *address, BOOL copy)
{
-address_item *addr = store_get(sizeof(address_item), FALSE);
+address_item *addr = store_get(sizeof(address_item), GET_UNTAINTED);
addr->next = NULL;
addr->parent = NULL;
addr->address = address;
return addr;
}
-uschar *rewrite_address(uschar *recipient, BOOL dummy1, BOOL dummy2, rewrite_rule
+uschar *
+rewrite_address(uschar *recipient, BOOL dummy1, BOOL dummy2, rewrite_rule
*dummy3, int dummy4)
{
return recipient;
}
-uschar *rewrite_address_qualify(uschar *recipient, BOOL dummy1)
+uschar *
+rewrite_address_qualify(uschar *recipient, BOOL dummy1)
{
return recipient;
}
parse_extract_address(const uschar *mailbox, uschar **errorptr, int *start, int *end,
int *domain, BOOL allow_null)
{
-uschar *yield = store_get(Ustrlen(mailbox) + 1, is_tainted(mailbox));
+uschar * yield = store_get(Ustrlen(mailbox) + 1, mailbox);
const uschar *startptr, *endptr;
const uschar *s = US mailbox;
uschar *t = US yield;
if (*s != '@' && *s != '<')
{
- if (*s == 0 || *s == ';')
+ if (!*s || *s == ';')
{
if (!*t) FAILED(US"empty address");
endptr = last_comment_position;
/* No non-printers; use the RFC 822 quoting rules */
if (len <= 0 || len >= INT_MAX/4)
- {
- return string_copy_taint(CUS"", is_tainted(phrase));
- }
+ return string_copy_taint(CUS"", phrase);
-buffer = store_get((len+1)*4, is_tainted(phrase));
+buffer = store_get((len+1)*4, phrase);
s = phrase;
end = s + len;
int
parse_forward_list(const uschar *s, int options, address_item **anchor,
- uschar **error, const uschar *incoming_domain, uschar *directory,
+ uschar **error, const uschar *incoming_domain, const uschar *directory,
error_block **syntax_errors)
{
int count = 0;
return FF_ERROR;
}
- if (flen > 255)
+ if (flen > sizeof(filename)-1)
{
*error = string_sprintf("included file name \"%s\" is too long", t);
return FF_ERROR;
return FF_ERROR;
}
- if ((*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename)))
+ if (is_tainted(filename))
+ {
+ *error = string_sprintf("Tainted name '%s' for included file not permitted\n",
+ filename);
return FF_ERROR;
+ }
/* Check file name if required */
if (directory)
{
int len = Ustrlen(directory);
- uschar * p = filename + len;
+ uschar * p;
+ while (len > 0 && directory[len-1] == '/') len--; /* ignore trailing '/' */
+ p = filename + len;
if (Ustrncmp(filename, directory, len) != 0 || *p != '/')
{
*error = string_sprintf("included file %s is not in directory %s",
with a flag that fails symlinks. */
{
- int fd = exim_open2(CS directory, O_RDONLY);
+ int fd = exim_open2(CCS directory, O_RDONLY);
if (fd < 0)
{
*error = string_sprintf("failed to open directory %s", directory);
{
uschar temp;
int fd2;
- uschar * q = p;
+ uschar * q = p + 1; /* skip dividing '/' */
- while (*++p && *p != '/') ;
+ while (*q == '/') q++; /* skip extra '/' */
+ while (*++p && *p != '/') ; /* end of component */
temp = *p;
*p = '\0';
return FF_ERROR;
}
- filebuf = store_get(statbuf.st_size + 1, is_tainted(filename));
+ filebuf = store_get(statbuf.st_size + 1, filename);
if (fread(filebuf, 1, statbuf.st_size, f) != statbuf.st_size)
{
*error = string_sprintf("error while reading included file %s: %s",
if ((*s_ltd == '|' || *s_ltd == '/') && (!recipient || domain == 0))
{
- uschar * t = store_get(Ustrlen(s_ltd) + 1, is_tainted(s_ltd));
+ uschar * t = store_get(Ustrlen(s_ltd) + 1, s_ltd);
uschar * p = t, * q = s_ltd;
while (*q)
if (syntax_errors)
{
- error_block * e = store_get(sizeof(error_block), FALSE);
+ error_block * e = store_get(sizeof(error_block), GET_UNTAINTED);
error_block * last = *syntax_errors;
if (last)
{
line. Therefore, take care to release unwanted store afterwards. */
reset_point = store_mark();
-id = *yield = store_get(Ustrlen(str) + 1, is_tainted(str));
+id = *yield = store_get(Ustrlen(str) + 1, str);
*id++ = *str++;
str = read_addr_spec(str, id, '>', error, &domain);