f.expand_string_forcedfail = FALSE;
expand_string_message = US"";
-if (is_tainted(string))
+{ uschar *m;
+if ((m = is_tainted2(string, LOG_MAIN|LOG_PANIC, "Tainted string '%s' in expansion", s)))
{
- expand_string_message =
- string_sprintf("attempt to expand tainted string '%s'", s);
- log_write(0, LOG_MAIN|LOG_PANIC, "%s", expand_string_message);
+ expand_string_message = m;
goto EXPAND_FAILED;
}
+}
while (*s)
{
condition for real. For EITEM_MAP and EITEM_REDUCE, do the same, using
the normal internal expansion function. */
- if (item_type == EITEM_FILTER)
- {
- if ((temp = eval_condition(expr, &resetok, NULL)))
- s = temp;
- }
- else
+ if (item_type != EITEM_FILTER)
temp = expand_string_internal(s, TRUE, &s, TRUE, TRUE, &resetok);
+ else
+ if ((temp = eval_condition(expr, &resetok, NULL))) s = temp;
if (!temp)
{
goto EXPAND_FAILED;
}
- Uskip_whitespace(&s);
+ Uskip_whitespace(&s); /*{*/
if (*s++ != '}')
{ /*{*/
expand_string_message = string_sprintf("missing } at end of condition "
/* Manually track tainting, as we deal in individual chars below */
if (is_tainted(sub))
+ {
if (yield->s && yield->ptr)
gstring_rebuffer(yield);
else
yield->s = store_get(yield->size = Ustrlen(sub), TRUE);
+ }
/* Check the UTF-8, byte-by-byte */
EXPAND_FAILED:
if (left) *left = s;
DEBUG(D_expand)
+ {
DEBUG(D_noutf8)
{
debug_printf_indent("|failed to expand: %s\n", string);
if (f.expand_string_forcedfail)
debug_printf_indent(UTF8_UP_RIGHT "failure was forced\n");
}
+ }
if (resetok_p && !resetok) *resetok_p = FALSE;
expand_level--;
return NULL;