-/* $Cambridge: exim/src/src/expand.c,v 1.108 2010/06/07 08:42:15 pdp Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
US"gei",
US"gt",
US"gti",
+ US"inlist",
+ US"inlisti",
US"isip",
US"isip4",
US"isip6",
ECOND_STR_GEI,
ECOND_STR_GT,
ECOND_STR_GTI,
+ ECOND_INLIST,
+ ECOND_INLISTI,
ECOND_ISIP,
ECOND_ISIP4,
ECOND_ISIP6,
/* Type for main variable table */
typedef struct {
- char *name;
- int type;
- void *value;
+ const char *name;
+ int type;
+ void *value;
} var_entry;
/* Type for entries pointing to address/length pairs. Not currently
{ "authenticated_id", vtype_stringptr, &authenticated_id },
{ "authenticated_sender",vtype_stringptr, &authenticated_sender },
{ "authentication_failed",vtype_int, &authentication_failed },
+#ifdef WITH_CONTENT_SCAN
+ { "av_failed", vtype_int, &av_failed },
+#endif
#ifdef EXPERIMENTAL_BRIGHTMAIL
{ "bmi_alt_location", vtype_stringptr, &bmi_alt_location },
{ "bmi_base64_tracker_verdict", vtype_stringptr, &bmi_base64_tracker_verdict },
/* For textual hashes */
-static char *hashcodes = "abcdefghijklmnopqrtsuvwxyz"
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "0123456789";
+static const char *hashcodes = "abcdefghijklmnopqrtsuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789";
enum { HMAC_MD5, HMAC_SHA1 };
return tod_stamp(tod_zulu);
case vtype_todlf: /* Log file datestamp tod */
- return tod_stamp(tod_log_datestamp);
+ return tod_stamp(tod_log_datestamp_daily);
case vtype_reply: /* Get reply address */
s = find_header(US"reply-to:", exists_only, newsize, TRUE,
/* symbolic operators for numeric and string comparison, and a number of
other operators, all requiring two arguments.
+ crypteq: encrypts plaintext and compares against an encrypted text,
+ using crypt(), crypt16(), MD5 or SHA-1
+ inlist/inlisti: checks if first argument is in the list of the second
match: does a regular expression match and sets up the numerical
variables if it succeeds
match_address: matches in an address list
match_domain: matches in a domain list
match_ip: matches a host list that is restricted to IP addresses
match_local_part: matches in a local part list
- crypteq: encrypts plaintext and compares against an encrypted text,
- using crypt(), crypt16(), MD5 or SHA-1
*/
+ case ECOND_CRYPTEQ:
+ case ECOND_INLIST:
+ case ECOND_INLISTI:
case ECOND_MATCH:
case ECOND_MATCH_ADDRESS:
case ECOND_MATCH_DOMAIN:
case ECOND_MATCH_IP:
case ECOND_MATCH_LOCAL_PART:
- case ECOND_CRYPTEQ:
case ECOND_NUM_L: /* Numerical comparisons */
case ECOND_NUM_LE:
}
else /* {crypt} or {crypt16} and non-{ at start */
+ /* }-for-text-editors */
{
int which = 0;
uschar *coded;
}
break;
#endif /* SUPPORT_CRYPTEQ */
+
+ case ECOND_INLIST:
+ case ECOND_INLISTI:
+ {
+ int sep = 0;
+ BOOL found = FALSE;
+ uschar *save_iterate_item = iterate_item;
+ int (*compare)(const uschar *, const uschar *);
+
+ if (cond_type == ECOND_INLISTI)
+ compare = strcmpic;
+ else
+ compare = (int (*)(const uschar *, const uschar *)) strcmp;
+
+ while ((iterate_item = string_nextinlist(&sub[1], &sep, NULL, 0)) != NULL)
+ if (compare(sub[0], iterate_item) == 0)
+ {
+ found = TRUE;
+ break;
+ }
+ iterate_item = save_iterate_item;
+ *yield = found;
+ }
+
} /* Switch for comparison conditions */
return s; /* End of comparison conditions */
"value \"%s\"", t);
return NULL;
}
- if (yield != NULL) *yield = (boolvalue != 0);
+ if (yield != NULL) *yield = (boolvalue == testfor);
return s;
}
int op = *s++;
int y = eval_op_unary(&s, decimal, error);
if (*error != NULL) break;
- if (op == '*') x *= y;
- else if (op == '/') x /= y;
- else x %= y;
+ /* SIGFPE both on div/mod by zero and on INT_MIN / -1, which would give
+ * a value of INT_MAX+1. Note that INT_MIN * -1 gives INT_MIN for me, which
+ * is a bug somewhere in [gcc 4.2.1, FreeBSD, amd64]. In fact, -N*-M where
+ * -N*M is INT_MIN will yielf INT_MIN.
+ * Since we don't support floating point, this is somewhat simpler.
+ * Ideally, we'd return an error, but since we overflow for all other
+ * arithmetic, consistency suggests otherwise, but what's the correct value
+ * to use? There is none.
+ * The C standard guarantees overflow for unsigned arithmetic but signed
+ * overflow invokes undefined behaviour; in practice, this is overflow
+ * except for converting INT_MIN to INT_MAX+1. We also can't guarantee
+ * that long/longlong larger than int are available, or we could just work
+ * with larger types. We should consider whether to guarantee 32bit eval
+ * and 64-bit working variables, with errors returned. For now ...
+ * So, the only SIGFPEs occur with a non-shrinking div/mod, thus -1; we
+ * can just let the other invalid results occur otherwise, as they have
+ * until now. For this one case, we can coerce.
+ */
+ if (y == -1 && x == INT_MIN && op != '*')
+ {
+ DEBUG(D_expand)
+ debug_printf("Integer exception dodging: %d%c-1 coerced to %d\n",
+ INT_MIN, op, INT_MAX);
+ x = INT_MAX;
+ continue;
+ }
+ if (op == '*')
+ x *= y;
+ else
+ {
+ if (y == 0)
+ {
+ *error = (op == '/') ? US"divide by zero" : US"modulo by zero";
+ x = 0;
+ break;
+ }
+ if (op == '/')
+ x /= y;
+ else
+ x %= y;
+ }
}
}
*sptr = s;
if (search_find_defer)
{
expand_string_message =
- string_sprintf("lookup of \"%s\" gave DEFER: %s", key,
- search_error_message);
+ string_sprintf("lookup of \"%s\" gave DEFER: %s",
+ string_printing2(key, FALSE), search_error_message);
goto EXPAND_FAILED;
}
if (expand_setup > 0) expand_nmax = expand_setup;
(void)close(fd_in);
+ /* Read the pipe to get the command's output into $value (which is kept
+ in lookup_value). Read during execution, so that if the output exceeds
+ the OS pipe buffer limit, we don't block forever. */
+
+ f = fdopen(fd_out, "rb");
+ sigalrm_seen = FALSE;
+ alarm(60);
+ lookup_value = cat_file(f, lookup_value, &lsize, &lptr, NULL);
+ alarm(0);
+ (void)fclose(f);
+
/* Wait for the process to finish, applying the timeout, and inspect its
return code for serious disasters. Simple non-zero returns are passed on.
*/
- if ((runrc = child_close(pid, 60)) < 0)
+ if (sigalrm_seen == TRUE || (runrc = child_close(pid, 30)) < 0)
{
- if (runrc == -256)
+ if (sigalrm_seen == TRUE || runrc == -256)
{
expand_string_message = string_sprintf("command timed out");
killpg(pid, SIGKILL); /* Kill the whole process group */
goto EXPAND_FAILED;
}
-
- /* Read the pipe to get the command's output into $value (which is kept
- in lookup_value). */
-
- f = fdopen(fd_out, "rb");
- lookup_value = NULL;
- lookup_value = cat_file(f, lookup_value, &lsize, &lptr, NULL);
- (void)fclose(f);
}
/* Process the yes/no strings; $value may be useful in both cases */
git://git.exim.org / exim.git / blobdiff