# ifndef SUPPORT_CRYPTEQ
# define SUPPORT_CRYPTEQ
# endif
-#else
-
-/* Recursively called function */
-
-static uschar *expand_string_internal(const uschar *, esi_flags, const uschar **, BOOL *, BOOL *);
-static int_eximarith_t expanded_string_integer(const uschar *, BOOL);
-
#endif /*!STAND_ALONE*/
#ifdef LOOKUP_LDAP
#define FH_WANT_RAW BIT(1)
#define FH_WANT_LIST BIT(2)
+/* Recursively called function */
+static uschar *expand_string_internal(const uschar *, esi_flags, const uschar **, BOOL *, BOOL *);
+static int_eximarith_t expanded_string_integer(const uschar *, BOOL);
+
/*************************************************
* Tables for UTF-8 support *
if (!*ss && deliver_datafile >= 0) /* Read body when needed */
{
uschar * body;
- off_t start_offset = SPOOL_DATA_START_OFFSET;
+ off_t start_offset_o = spool_data_start_offset(message_id);
+ off_t start_offset = start_offset_o;
int len = message_body_visible;
if (len > message_size) len = message_size;
if (fstat(deliver_datafile, &statbuf) == 0)
{
start_offset = statbuf.st_size - len;
- if (start_offset < SPOOL_DATA_START_OFFSET)
- start_offset = SPOOL_DATA_START_OFFSET;
+ if (start_offset < start_offset_o)
+ start_offset = start_offset_o;
}
}
if (lseek(deliver_datafile, start_offset, SEEK_SET) < 0)
json_nextinlist(const uschar ** list)
{
unsigned array_depth = 0, object_depth = 0;
+BOOL quoted = FALSE;
const uschar * s = *list, * item;
skip_whitespace(&s);
for (item = s;
- *s && (*s != ',' || array_depth != 0 || object_depth != 0);
+ *s && (*s != ',' || array_depth != 0 || object_depth != 0 || quoted);
s++)
- switch (*s)
+ if (!quoted) switch (*s)
{
case '[': array_depth++; break;
case ']': array_depth--; break;
case '{': object_depth++; break;
case '}': object_depth--; break;
+ case '"': quoted = TRUE;
+ }
+ else switch(*s)
+ {
+ case '\\': s++; break; /* backslash protects one char */
+ case '"': quoted = FALSE; break;
}
*list = *s ? s+1 : s;
if (item == s) return NULL;
/* Match the given local_part against the SRS-encoded pattern */
- re = regex_must_compile(US"^(?i)SRS0=([^=]+)=([A-Z2-7]+)=([^=]*)=(.*)$",
+ re = regex_must_compile(US"^(?i)SRS0=([^=]+)=([A-Z2-7]{2})=([^=]*)=(.*)$",
MCS_CASELESS | MCS_CACHEABLE, FALSE);
md = pcre2_match_data_create(4+1, pcre_gen_ctx);
if (pcre2_match(re, sub[0], PCRE2_ZERO_TERMINATED, 0, PCRE_EOPT,
hash_source = string_catn(NULL, key_num, 1);
hash_source = string_catn(hash_source, daystamp, 3);
hash_source = string_cat(hash_source, address);
-(void) string_from_gstring(hash_source);
DEBUG(D_expand)
- debug_printf_indent("prvs: hash source is '%s'\n", hash_source->s);
+ debug_printf_indent("prvs: hash source is '%Y'\n", hash_source);
memset(innerkey, 0x36, 64);
memset(outerkey, 0x5c, 64);
if (iexpire >= inow)
{
prvscheck_result = US"1";
- DEBUG(D_expand) debug_printf_indent("prvscheck: success, $pvrs_result set to 1\n");
+ DEBUG(D_expand) debug_printf_indent("prvscheck: success, $prvscheck_result set to 1\n");
}
else
{
prvscheck_result = NULL;
- DEBUG(D_expand) debug_printf_indent("prvscheck: signature expired, $pvrs_result unset\n");
+ DEBUG(D_expand) debug_printf_indent("prvscheck: signature expired, $prvscheck_result unset\n");
}
}
else
{
prvscheck_result = NULL;
- DEBUG(D_expand) debug_printf_indent("prvscheck: hash failure, $pvrs_result unset\n");
+ DEBUG(D_expand) debug_printf_indent("prvscheck: hash failure, $prvscheck_result unset\n");
}
/* Now expand the final argument. We leave this till now so that
FILE * f;
const uschar * arg, ** argv;
BOOL late_expand = TRUE;
+ uschar * save_value = lookup_value;
+ int yesno;
if (expand_forbid & RDO_RUN)
{
/* Handle options to the "run" */
while (*s == ',')
- {
if (Ustrncmp(++s, "preexpand", 9) == 0)
{ late_expand = FALSE; s += 9; }
else
(int)(t-s), s);
goto EXPAND_FAILED;
}
- }
Uskip_whitespace(&s);
if (*s != '{') /*}*/
expand_string_message = string_sprintf("command killed by signal %d",
-runrc);
+ lookup_value = save_value;
goto EXPAND_FAILED;
}
}
/* Process the yes/no strings; $value may be useful in both cases */
- switch(process_yesno(
+ yesno = process_yesno(
flags, /* were previously skipping */
runrc == 0, /* success/failure indicator */
lookup_value, /* value to reset for string2 */
&s, /* input pointer */
&yield, /* output pointer */
US"run", /* condition type */
- &resetok))
+ &resetok);
+ lookup_value = save_value;
+
+ switch(yesno)
{
case 1: goto EXPAND_FAILED; /* when all is well, the */
case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
case 2:
case 3: goto EXPAND_FAILED;
}
+ if (flags & ESI_SKIPPING) continue;
if (sub[1] && *(sub[1]))
{
{
struct timeval now;
unsigned long i;
- gstring * h = NULL;
gettimeofday(&now, NULL);
- for (unsigned long i = (now.tv_sec / 86400) & 0x3ff; i; i >>= 5)
- h = string_catn(h, &base32_chars[i & 0x1f], 1);
- if (h) while (h->ptr > 0)
- g = string_catn(g, &h->s[--h->ptr], 1);
+ i = (now.tv_sec / 86400) & 0x3ff;
+ g = string_catn(g, &base32_chars[i >> 5], 1);
+ g = string_catn(g, &base32_chars[i & 0x1f], 1);
}
g = string_catn(g, US"=", 1);
"operator is \"%s\", which is not a decimal number", sub);
goto EXPAND_FAILED;
}
- yield = string_cat(yield, string_base62(n));
+ yield = string_cat(yield, string_base62_32(n)); /*XXX only handles 32b input range. Need variants? */
break;
}
case EOP_UTF8CLEAN:
{
int seq_len = 0, index = 0, bytes_left = 0, complete;
- long codepoint = -1;
+ u_long codepoint = (u_long)-1;
uschar seq_buff[4]; /* accumulate utf-8 here */
/* Manually track tainting, as we deal in individual chars below */
if (--bytes_left == 0) /* codepoint complete */
if(codepoint > 0x10FFFF) /* is it too large? */
complete = -1; /* error (RFC3629 limit) */
+ else if ( (codepoint & 0x1FF800 ) == 0xD800 ) /* surrogate */
+ /* A UTF-16 surrogate (which should be one of a pair that
+ encode a Unicode codepoint that is outside the Basic
+ Multilingual Plane). Error, not UTF8.
+ RFC2279.2 is slightly unclear on this, but
+ https://unicodebook.readthedocs.io/issues.html#strict-utf8-decoder
+ says "Surrogates characters are also invalid in UTF-8:
+ characters in U+D800—U+DFFF have to be rejected." */
+ complete = -1;
else
{ /* finished; output utf-8 sequence */
yield = string_catn(yield, seq_buff, seq_len);
}
else /* no bytes left: new sequence */
{
- if(!(c & 0x80)) /* 1-byte sequence, US-ASCII, keep it */
+ if (!(c & 0x80)) /* 1-byte sequence, US-ASCII, keep it */
{
yield = string_catn(yield, &c, 1);
continue;
}
- if((c & 0xe0) == 0xc0) /* 2-byte sequence */
- {
- if(c == 0xc0 || c == 0xc1) /* 0xc0 and 0xc1 are illegal */
+ if ((c & 0xe0) == 0xc0) /* 2-byte sequence */
+ if (c == 0xc0 || c == 0xc1) /* 0xc0 and 0xc1 are illegal */
complete = -1;
else
{
- bytes_left = 1;
- codepoint = c & 0x1f;
+ bytes_left = 1;
+ codepoint = c & 0x1f;
}
- }
- else if((c & 0xf0) == 0xe0) /* 3-byte sequence */
+ else if ((c & 0xf0) == 0xe0) /* 3-byte sequence */
{
bytes_left = 2;
codepoint = c & 0x0f;
}
- else if((c & 0xf8) == 0xf0) /* 4-byte sequence */
+ else if ((c & 0xf8) == 0xf0) /* 4-byte sequence */
{
bytes_left = 3;
codepoint = c & 0x07;
goto EXPAND_FAILED;
}
yield = string_cat(yield, s);
- DEBUG(D_expand) debug_printf_indent("yield: '%s'\n", string_from_gstring(yield));
+ DEBUG(D_expand) debug_printf_indent("yield: '%Y'\n", yield);
break;
}