-/* $Cambridge: exim/src/src/bmi_spam.c,v 1.3 2005/02/17 11:58:25 ph10 Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
/* Code for calling Brightmail AntiSpam.
Copyright (c) Tom Kistner <tom@duncanthrax.net> 2004
License: GPL */
+/* Copyright (c) The Exim Maintainers 2021 - 2022 */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
#include "exim.h"
#ifdef EXPERIMENTAL_BRIGHTMAIL
uschar *verdicts = NULL;
int i,j;
- err = bmiInitSystem(BMI_VERSION, (char *)bmi_config_file, &system);
+ err = bmiInitSystem(BMI_VERSION, CS bmi_config_file, &system);
if (bmiErrorIsFatal(err) == BMI_TRUE) {
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
host_address = localhost;
else
host_address = sender_host_address;
- err = bmiProcessConnection((char *)host_address, message);
+ err = bmiProcessConnection(CS host_address, message);
if (bmiErrorIsFatal(err) == BMI_TRUE) {
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
log_write(0, LOG_PANIC,
- "bmi error [loc %d type %d]: bmiProcessConnection() failed (IP %s).", (int)err_loc, (int)err_type, (char *)host_address);
+ "bmi error [loc %d type %d]: bmiProcessConnection() failed (IP %s).", (int)err_loc, (int)err_type, CS host_address);
bmiFreeMessage(message);
bmiFreeSystem(system);
return NULL;
};
/* Send envelope sender address */
- err = bmiProcessFROM((char *)sender_address, message);
+ err = bmiProcessFROM(CS sender_address, message);
if (bmiErrorIsFatal(err) == BMI_TRUE) {
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
log_write(0, LOG_PANIC,
- "bmi error [loc %d type %d]: bmiProcessFROM() failed (address %s).", (int)err_loc, (int)err_type, (char *)sender_address);
+ "bmi error [loc %d type %d]: bmiProcessFROM() failed (address %s).", (int)err_loc, (int)err_type, CS sender_address);
bmiFreeMessage(message);
bmiFreeSystem(system);
return NULL;
err = bmiOptinMset(optin, r->bmi_optin, ':');
if (bmiErrorIsFatal(err) == BMI_TRUE) {
log_write(0, LOG_PANIC|LOG_MAIN,
- "bmi warning: [loc %d type %d]: bmiOptinMSet() failed (address '%s', string '%s').", (int)err_loc, (int)err_type, (char *)r->address, (char *)r->bmi_optin);
+ "bmi warning: [loc %d type %d]: bmiOptinMSet() failed (address '%s', string '%s').", (int)err_loc, (int)err_type, CS r->address, CS r->bmi_optin);
if (optin != NULL)
bmiOptinFree(optin);
optin = NULL;
};
};
- err = bmiAccumulateTO((char *)r->address, optin, message);
+ err = bmiAccumulateTO(CS r->address, optin, message);
if (optin != NULL)
bmiOptinFree(optin);
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
log_write(0, LOG_PANIC,
- "bmi error [loc %d type %d]: bmiAccumulateTO() failed (address %s).", (int)err_loc, (int)err_type, (char *)r->address);
+ "bmi error [loc %d type %d]: bmiAccumulateTO() failed (address %s).", (int)err_loc, (int)err_type, CS r->address);
bmiFreeMessage(message);
bmiFreeSystem(system);
return NULL;
header_list = header_list->next;
continue;
};
- err = bmiAccumulateHeaders((const char *)header_list->text, header_list->slen, message);
+ err = bmiAccumulateHeaders(CCS header_list->text, header_list->slen, message);
if (bmiErrorIsFatal(err) == BMI_TRUE) {
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
do {
j = fread(data_buffer, 1, sizeof(data_buffer), data_file);
if (j > 0) {
- err = bmiAccumulateBody((const char *)data_buffer, j, message);
+ err = bmiAccumulateBody(CCS data_buffer, j, message);
if (bmiErrorIsFatal(err) == BMI_TRUE) {
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
return NULL;
};
- /* get store for the verdict string */
- verdicts = store_get(1);
+ /* Get store for the verdict string. Since we are processing message data, assume that
+ the verdict is tainted. XXX this should use a growable-string */
+
+ verdicts = store_get(1, GET_TAINTED);
*verdicts = '\0';
for ( err = bmiAccessFirstVerdict(message, &verdict);
- verdict != NULL;
+ verdict;
err = bmiAccessNextVerdict(message, verdict, &verdict) ) {
char *verdict_str;
err = bmiCreateStrFromVerdict(verdict,&verdict_str);
- if (!store_extend(verdicts, Ustrlen(verdicts)+1, Ustrlen(verdicts)+1+strlen(verdict_str)+1)) {
+ if (!store_extend(verdicts,
+ Ustrlen(verdicts)+1, Ustrlen(verdicts)+1+strlen(verdict_str)+1)) {
/* can't allocate more store */
return NULL;
};
}
else {
/* deliver to alternate location */
- rc = store_get(strlen(bmiVerdictAccessDestination(verdict))+1);
+ rc = store_get(strlen(bmiVerdictAccessDestination(verdict))+1, GET_TAINTED);
Ustrcpy(rc, bmiVerdictAccessDestination(verdict));
rc[strlen(bmiVerdictAccessDestination(verdict))] = '\0';
};
return NULL;
/* allocate room for the b64 verdict string */
- verdict_buffer = store_get(Ustrlen(bmi_verdicts)+1);
+ verdict_buffer = store_get(Ustrlen(bmi_verdicts)+1, GET_TAINTED);
/* loop through verdicts */
verdict_ptr = bmi_verdicts;
- while ((verdict_str = (const char *)string_nextinlist(&verdict_ptr, &sep,
+ while ((verdict_str = CCS string_nextinlist(&verdict_ptr, &sep,
verdict_buffer,
Ustrlen(bmi_verdicts)+1)) != NULL) {
uschar *rcpt_domain;
/* compare address against our subject */
- rcpt_local_part = (unsigned char *)bmiRecipientAccessAddress(recipient);
+ rcpt_local_part = US bmiRecipientAccessAddress(recipient);
rcpt_domain = Ustrchr(rcpt_local_part,'@');
if (rcpt_domain == NULL) {
rcpt_domain = US"";
(strcmpic(rcpt_domain, bmi_domain) == 0) ) {
/* found verdict */
bmiFreeVerdict(verdict);
- return (uschar *)verdict_str;
+ return US verdict_str;
};
};
}
/* loop through numbers */
+ /* option_list doesn't seem to be expanded so cannot be tainted. If it ever is we
+ will trap here */
rule_ptr = option_list;
while ((rule_num = string_nextinlist(&rule_ptr, &sep,
- rule_buffer, 32)) != NULL) {
+ rule_buffer, sizeof(rule_buffer)))) {
int rule_int = -1;
/* try to translate to int */
- sscanf(rule_num, "%d", &rule_int);
+ (void)sscanf(rule_num, "%d", &rule_int);
if (rule_int > 0) {
debug_printf("checking rule #%d\n", rule_int);
/* check if rule fired on the message */
git://git.exim.org / exim.git / blobdiff