/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* The main function: entry point, initialization, and high-level control.
/* This function runs a regular expression match, and sets up the pointers to
the matched substrings. The matched strings are copied so the lifetime of
-the subject is not a problem.
+the subject is not a problem. Matched strings will have the same taint status
+as the subject string (this is not a de-taint method, and must not be made so
+given the support for wildcards in REs).
Arguments:
re the compiled expression
if ((yield = (res >= 0)))
{
+ PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md);
res = pcre2_get_ovector_count(md);
expand_nmax = setup < 0 ? 0 : setup + 1;
for (int matchnum = setup < 0 ? 0 : 1; matchnum < res; matchnum++)
{
- PCRE2_SIZE len;
- pcre2_substring_get_bynumber(md, matchnum,
- (PCRE2_UCHAR **)&expand_nstring[expand_nmax], &len);
- expand_nlength[expand_nmax++] = (int)len;
+ /* Although PCRE2 has a pcre2_substring_get_bynumber() conveneience, it
+ seems to return a bad pointer when a capture group had no data, eg. (.*)
+ matching zero letters. So use the underlying ovec and hope (!) that the
+ offsets are sane (including that case). Should we go further and range-
+ check each one vs. the subject string length? */
+ int off = matchnum * 2;
+ int len = ovec[off + 1] - ovec[off];
+ expand_nstring[expand_nmax] = string_copyn(subject + ovec[off], len);
+ expand_nlength[expand_nmax++] = len;
}
expand_nmax--;
}
***********************************************/
#define STACKDUMP_MAX 24
-static void
+void
stackdump(void)
{
#ifndef NO_EXECINFO
char ** ss;
int nptrs = backtrace(buf, STACKDUMP_MAX);
-log_write(0, LOG_MAIN|LOG_PANIC, "backtrace\n");
-log_write(0, LOG_MAIN|LOG_PANIC, "---\n");
+log_write(0, LOG_MAIN|LOG_PANIC, "backtrace");
+log_write(0, LOG_MAIN|LOG_PANIC, "---");
if ((ss = backtrace_symbols(buf, nptrs)))
{
for (int i = 0; i < nptrs; i++)
- log_write(0, LOG_MAIN|LOG_PANIC, "\t%s\n", ss[i]);
+ log_write(0, LOG_MAIN|LOG_PANIC, "\t%s", ss[i]);
free(ss);
}
else
- log_write(0, LOG_MAIN|LOG_PANIC, "backtrace_symbols: %s\n", strerror(errno));
-log_write(0, LOG_MAIN|LOG_PANIC, "---\n");
+ log_write(0, LOG_MAIN|LOG_PANIC, "backtrace_symbols: %s", strerror(errno));
+log_write(0, LOG_MAIN|LOG_PANIC, "---");
#endif
}
#undef STACKDUMP_MAX
if (macro_read_assignment(big_buffer))
printf("Defined macro '%s'\n", mlast->name);
}
+else if (Ustrncmp(big_buffer, "set ", 4) == 0)
+ printf("%s\n", acl_standalone_setvar(big_buffer+4));
else
if ((s = expand_string(big_buffer))) printf("%s\n", CS s);
else printf("Failed: %s\n", expand_string_message);
regex_must_compile(US"^[A-Za-z0-9_/.-]*$", MCS_NOFLAGS, TRUE);
#endif
-for (i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
-
/* If the program is called as "mailq" treat it as equivalent to "exim -bp";
this seems to be a generally accepted convention, since one finds symbolic
links called "mailq" in standard OS configurations. */
else if (Ustrcmp(argrest, "ai") == 0)
authenticated_id = string_copy_taint(
- exim_str_fail_toolong(argv[++i], EXIM_EMAILADDR_MAX, "-oMas"),
+ exim_str_fail_toolong(argv[++i], EXIM_EMAILADDR_MAX, "-oMai"),
GET_TAINTED);
/* -oMi: Set incoming interface address */
dnslist_domain = dnslist_matched = NULL;
#ifdef WITH_CONTENT_SCAN
malware_name = NULL;
+ regex_vars_clear();
#endif
callout_address = NULL;
sending_ip_address = NULL;
deliver_localpart_data = deliver_domain_data =
recipient_data = sender_data = NULL;
acl_var_m = NULL;
- for(int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
store_reset(reset_point);
}
git://git.exim.org / exim.git / blobdiff