X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/1ddb1855402d48ad735e46abaf0d662e45600ecd..a85c067ba6c6940512cf57ec213277a370d87e70:/src/src/lookups/pgsql.c

diff --git a/src/src/lookups/pgsql.c b/src/src/lookups/pgsql.c
index c3053430e..4fcd0e3ed 100644
--- a/src/src/lookups/pgsql.c
+++ b/src/src/lookups/pgsql.c
@@ -2,9 +2,10 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
 /* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
 /* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-only */
 
 /* Thanks to Petr Cech for contributing the original code for these
 functions. Thanks to Joachim Wieland for the initial patch for the Unix domain
@@ -262,7 +263,7 @@ if (!cn)
 
   /* Add the connection to the cache */
 
-  cn = store_get(sizeof(pgsql_connection), FALSE);
+  cn = store_get(sizeof(pgsql_connection), GET_UNTAINTED);
   cn->server = server_copy;
   cn->handle = pg_conn;
   cn->next = pgsql_connections;
@@ -414,12 +415,13 @@ Why, I don't know. Seems odd for just string escaping...]
 Arguments:
   s          the string to be quoted
   opt        additional option text or NULL if none
+  idx	     lookup type index
 
 Returns:     the processed string or NULL for a bad option
 */
 
 static uschar *
-pgsql_quote(uschar * s, uschar * opt)
+pgsql_quote(uschar * s, uschar * opt, unsigned idx)
 {
 int count = 0, c;
 uschar * t = s, * quoted;
@@ -429,8 +431,7 @@ if (opt) return NULL;     /* No options recognized */
 while ((c = *t++))
   if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++;
 
-if (count == 0) return s;
-t = quoted = store_get(Ustrlen(s) + count + 1, is_tainted(s));
+t = quoted = store_get_quoted(Ustrlen(s) + count + 1, s, idx);
 
 while ((c = *s++))
   {