git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
appendfile: taint-enforce file & directory options
[exim.git]
/
src
/
src
/
mime.c
diff --git
a/src/src/mime.c
b/src/src/mime.c
index 36737e9eb235a1e20967ee54e2755ea17b6566db..d47b569827795cbfaeed88d6a47319c895bb4d77 100644
(file)
--- a/
src/src/mime.c
+++ b/
src/src/mime.c
@@
-2,9
+2,9
@@
* Exim - an Internet mail transport agent *
*************************************************/
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2004
,
2015
+/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2004
-
2015
* License: GPL
* License: GPL
- * Copyright (c) The Exim Maintainers 201
6
+ * Copyright (c) The Exim Maintainers 201
5 - 2018
*/
#include "exim.h"
*/
#include "exim.h"
@@
-338,17
+338,16
@@
while(!done)
if ( ((c == '\t') || (c == ' ')) && (header_value_mode == 1) )
continue;
if ( ((c == '\t') || (c == ' ')) && (header_value_mode == 1) )
continue;
-
/* we have hit a non-whitespace char, start copying value data */
-
header_value_mode = 2;
+ /* we have hit a non-whitespace char, start copying value data */
+ header_value_mode = 2;
-
if (c == '"') /* flip "quoted" mode */
-
header_value_mode = header_value_mode==2 ? 3 : 2;
+ if (c == '"') /* flip "quoted" mode */
+ header_value_mode = header_value_mode==2 ? 3 : 2;
- /* leave value mode on unquoted ';' */
- if (header_value_mode == 2 && c == ';') {
- header_value_mode = 0;
- };
- /* -------------------------------- */
+ /* leave value mode on unquoted ';' */
+ if (header_value_mode == 2 && c == ';')
+ header_value_mode = 0;
+ /* -------------------------------- */
}
else
{
}
else
{
@@
-396,10
+395,7
@@
if ((num_copied > 0) && (header[num_copied-1] != ';'))
header[num_copied] = '\0';
/* return 0 for EOF or empty line */
header[num_copied] = '\0';
/* return 0 for EOF or empty line */
-if ((c == EOF) || (num_copied == 1))
- return 0;
-else
- return 1;
+return c == EOF || num_copied == 1 ? 0 : 1;
}
}
@@
-490,6
+486,7
@@
while ((c = *fname))
val = string_catn(val, fname++, 1);
val = string_catn(val, US"?=", 2);
val = string_catn(val, fname++, 1);
val = string_catn(val, US"?=", 2);
+*len = val->ptr;
return string_from_gstring(val);
}
return string_from_gstring(val);
}
@@
-502,8
+499,8
@@
int rc = OK;
uschar * header = NULL;
struct mime_boundary_context nested_context;
uschar * header = NULL;
struct mime_boundary_context nested_context;
-/* reserve a line buffer to work in */
-header = store_get(MIME_MAX_HEADER_SIZE+1);
+/* reserve a line buffer to work in
. Assume tainted data.
*/
+header = store_get(MIME_MAX_HEADER_SIZE+1
, TRUE
);
/* Not actually used at the moment, but will be vital to fixing
* some RFC 2046 nonconformance later... */
/* Not actually used at the moment, but will be vital to fixing
* some RFC 2046 nonconformance later... */
@@
-557,11
+554,9
@@
while(1)
/* parse headers, set up expansion variables */
while (mime_get_header(f, header))
/* parse headers, set up expansion variables */
while (mime_get_header(f, header))
- {
- struct mime_header * mh;
/* look for interesting headers */
/* look for interesting headers */
- for (mh = mime_header_list;
+ for (
struct mime_header *
mh = mime_header_list;
mh < mime_header_list + mime_header_list_size;
mh++) if (strncmpic(mh->name, header, mh->namelen) == 0)
{
mh < mime_header_list + mime_header_list_size;
mh++) if (strncmpic(mh->name, header, mh->namelen) == 0)
{
@@
-589,8
+584,6
@@
while(1)
while (*p)
{
while (*p)
{
- mime_parameter * mp;
-
DEBUG(D_acl) debug_printf_indent("MIME: considering paramlist '%s'\n", p);
if ( !mime_filename
DEBUG(D_acl) debug_printf_indent("MIME: considering paramlist '%s'\n", p);
if ( !mime_filename
@@
-646,9
+639,7
@@
while(1)
NULL, &err_msg);
DEBUG(D_acl) debug_printf_indent("MIME: plain-name %s\n", temp_string);
NULL, &err_msg);
DEBUG(D_acl) debug_printf_indent("MIME: plain-name %s\n", temp_string);
- size = Ustrlen(temp_string);
-
- if (size == slen)
+ if (!temp_string || (size = Ustrlen(temp_string)) == slen)
decoding_failed = TRUE;
else
/* build up a decoded filename over successive
decoding_failed = TRUE;
else
/* build up a decoded filename over successive
@@
-663,7
+654,7
@@
while(1)
else
/* look for interesting parameters */
else
/* look for interesting parameters */
- for (mp = mime_parameter_list;
+ for (m
ime_parameter * m
p = mime_parameter_list;
mp < mime_parameter_list + nelem(mime_parameter_list);
mp++
) if (strncmpic(mp->name, p, mp->namelen) == 0)
mp < mime_parameter_list + nelem(mime_parameter_list);
mp++
) if (strncmpic(mp->name, p, mp->namelen) == 0)
@@
-703,7
+694,6
@@
while(1)
}
}
}
}
}
}
- }
/* set additional flag variables (easier access) */
if ( mime_content_type
/* set additional flag variables (easier access) */
if ( mime_content_type