git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SPDX: license tags (mostly by guesswork)
[exim.git]
/
src
/
src
/
lookups
/
mysql.c
diff --git
a/src/src/lookups/mysql.c
b/src/src/lookups/mysql.c
index 88a072ea911458868156d7c5178902c5593f89a1..a8dae4adee6b6a3cec10f80cb6c82f0cc8662ab3 100644
(file)
--- a/
src/src/lookups/mysql.c
+++ b/
src/src/lookups/mysql.c
@@
-2,8
+2,10
@@
* Exim - an Internet mail transport agent *
*************************************************/
* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-only */
/* Thanks to Paul Kelly for contributing the original code for these
functions. */
/* Thanks to Paul Kelly for contributing the original code for these
functions. */
@@
-230,7
+232,7
@@
if (!cn)
/* Get store for a new handle, initialize it, and connect to the server */
/* Get store for a new handle, initialize it, and connect to the server */
- mysql_handle = store_get(sizeof(MYSQL),
FALSE
);
+ mysql_handle = store_get(sizeof(MYSQL),
GET_UNTAINTED
);
mysql_init(mysql_handle);
mysql_options(mysql_handle, MYSQL_READ_DEFAULT_GROUP, CS group);
if (mysql_real_connect(mysql_handle,
mysql_init(mysql_handle);
mysql_options(mysql_handle, MYSQL_READ_DEFAULT_GROUP, CS group);
if (mysql_real_connect(mysql_handle,
@@
-246,7
+248,7
@@
if (!cn)
/* Add the connection to the cache */
/* Add the connection to the cache */
- cn = store_get(sizeof(mysql_connection),
FALSE
);
+ cn = store_get(sizeof(mysql_connection),
GET_UNTAINTED
);
cn->server = server_copy;
cn->handle = mysql_handle;
cn->next = mysql_connections;
cn->server = server_copy;
cn->handle = mysql_handle;
cn->next = mysql_connections;
@@
-285,7
+287,7
@@
if (!(mysql_result = mysql_use_result(mysql_handle)))
{
DEBUG(D_lookup) debug_printf_indent("MYSQL: query was not one that returns data\n");
result = string_cat(result,
{
DEBUG(D_lookup) debug_printf_indent("MYSQL: query was not one that returns data\n");
result = string_cat(result,
- string_sprintf("%d", mysql_affected_rows(mysql_handle)));
+ string_sprintf("%
ll
d", mysql_affected_rows(mysql_handle)));
*do_cache = 0;
goto MYSQL_EXIT;
}
*do_cache = 0;
goto MYSQL_EXIT;
}
@@
-307,7
+309,7
@@
fields = mysql_fetch_fields(mysql_result);
while ((mysql_row_data = mysql_fetch_row(mysql_result)))
{
while ((mysql_row_data = mysql_fetch_row(mysql_result)))
{
- unsigned long *lengths = mysql_fetch_lengths(mysql_result);
+ unsigned long *
lengths = mysql_fetch_lengths(mysql_result);
if (result)
result = string_catn(result, US"\n", 1);
if (result)
result = string_catn(result, US"\n", 1);
@@
-318,7
+320,9
@@
while ((mysql_row_data = mysql_fetch_row(mysql_result)))
result);
else if (mysql_row_data[0] != NULL) /* NULL value yields nothing */
result);
else if (mysql_row_data[0] != NULL) /* NULL value yields nothing */
- result = string_catn(result, US mysql_row_data[0], lengths[0]);
+ result = lengths[0] == 0 && !result
+ ? string_get(1) /* for 0-len string result ensure non-null gstring */
+ : string_catn(result, US mysql_row_data[0], lengths[0]);
}
/* more results? -1 = no, >0 = error, 0 = yes (keep looping)
}
/* more results? -1 = no, >0 = error, 0 = yes (keep looping)
@@
-410,43
+414,39
@@
can't quote "on spec".
Arguments:
s the string to be quoted
opt additional option text or NULL if none
Arguments:
s the string to be quoted
opt additional option text or NULL if none
+ idx lookup type index
Returns: the processed string or NULL for a bad option
*/
static uschar *
Returns: the processed string or NULL for a bad option
*/
static uschar *
-mysql_quote(uschar *
s, uschar *opt
)
+mysql_quote(uschar *
s, uschar * opt, unsigned idx
)
{
{
-register int c;
-int count = 0;
-uschar *t = s;
-uschar *quoted;
+int c, count = 0;
+uschar * t = s, * quoted;
-if (opt
!= NULL
) return NULL; /* No options recognized */
+if (opt) return NULL; /* No options recognized */
-while ((c = *t++)
!= 0
)
+while ((c = *t++))
if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++;
if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++;
-if (count == 0) return s;
-t = quoted = store_get(Ustrlen(s) + count + 1, is_tainted(s));
+
/* Old code:
if (count == 0) return s;
+Now always allocate and copy, to track the quoted status. */
-while ((c = *s++) != 0)
+t = quoted = store_get_quoted(Ustrlen(s) + count + 1, s, idx);
+
+while ((c = *s++))
{
if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL)
{
*t++ = '\\';
switch(c)
{
{
if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL)
{
*t++ = '\\';
switch(c)
{
- case '\n': *t++ = 'n';
- break;
- case '\t': *t++ = 't';
- break;
- case '\r': *t++ = 'r';
- break;
- case '\b': *t++ = 'b';
- break;
- default: *t++ = c;
- break;
+ case '\n': *t++ = 'n'; break;
+ case '\t': *t++ = 't'; break;
+ case '\r': *t++ = 'r'; break;
+ case '\b': *t++ = 'b'; break;
+ default: *t++ = c; break;
}
}
else *t++ = c;
}
}
else *t++ = c;
@@
-465,16
+465,19
@@
return quoted;
#include "../version.h"
#include "../version.h"
-void
-mysql_version_report(
FILE *f
)
+gstring *
+mysql_version_report(
gstring * g
)
{
{
-fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n"
- " Runtime: %lu %s\n",
+g = string_fmt_append(g,
+ "Library version: MySQL: Compile: %lu %s [%s]\n"
+ " Runtime: %lu %s\n",
(long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR,
mysql_get_client_version(), mysql_get_client_info());
#ifdef DYNLOOKUP
(long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR,
mysql_get_client_version(), mysql_get_client_info());
#ifdef DYNLOOKUP
-fprintf(f, " Exim version %s\n", EXIM_VERSION_STR);
+g = string_fmt_append(g,
+ " Exim version %s\n", EXIM_VERSION_STR);
#endif
#endif
+return g;
}
/* These are the lookup_info blocks for this driver */
}
/* These are the lookup_info blocks for this driver */