Ensure the value of $authenticated_id contains only printing characters.

[exim.git] / src / src / smtp_in.c

diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index c10293c87c2c4783697eb5c3fd33a7709d401a04..bdc323325c2779d0618b0bc961d54c693a8ca1de 100644 (file)
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.15 2005/03/29 15:53:12 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.16 2005/04/27 10:55:20 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -2113,6 +2113,14 @@ while (done <= 0)
     if (au->set_id != NULL) set_id = expand_string(au->set_id);
     expand_nmax = -1;        /* Reset numeric variables */
 
+    /* The value of authenticated_id is stored in the spool file and printed in
+    log lines. It must not contain binary zeros or newline characters. In
+    normal use, it never will, but when playing around or testing, this error
+    can (did) happen. To guard against this, ensure that the id contains only
+    printing characters. */
+
+    if (set_id != NULL) set_id = string_printing(set_id);
+
     /* For the non-OK cases, set up additional logging data if set_id
     is not empty. */