Track tainted data and refuse to expand it

[exim.git] / src / src / lookups / dbmdb.c

diff --git a/src/src/lookups/dbmdb.c b/src/src/lookups/dbmdb.c
index 090be4f26c5fb03ac74792cdc92c64cabb6976c2..5e97009ccae4c3d6a42aa7e32bb07d4a8b3da586 100644 (file)
--- a/src/src/lookups/dbmdb.c
+++ b/src/src/lookups/dbmdb.c
@@ -2,7 +2,7 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2017 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 #include "../exim.h"
@@ -154,7 +154,7 @@ int buflen, bufleft, key_item_len, sep = 0;
 or less than, the length of the delimited list passed in + 1. */
 
 buflen = length + 3;
-key_buffer = store_get(buflen);
+key_buffer = store_get(buflen, is_tainted(keystring));
 
 key_buffer[0] = '\0';
 
@@ -199,7 +199,7 @@ if (key_p == key_buffer)
 empty element to put one in. Boundary: key length 1, is a NULL */
 key_item_len = key_p - key_buffer - 1;
 
-DEBUG(D_lookup) debug_printf("NUL-joined key length: %d\n", key_item_len);
+DEBUG(D_lookup) debug_printf_indent("NUL-joined key length: %d\n", key_item_len);
 
 /* beware that dbmdb_find() adds 1 to length to get back terminating NUL, so
 because we've calculated the real length, we need to subtract one more here */