X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/218c95cc2e45de929d92c508bc9a95292c3a4ece..a85c067ba6c6940512cf57ec213277a370d87e70:/src/src/lookups/dsearch.c diff --git a/src/src/lookups/dsearch.c b/src/src/lookups/dsearch.c index c27f5d6e6..6cae0dafb 100644 --- a/src/src/lookups/dsearch.c +++ b/src/src/lookups/dsearch.c @@ -2,8 +2,10 @@ * Exim - an Internet mail transport agent * *************************************************/ +/* Copyright (c) The Exim Maintainers 2020 - 2022 */ /* Copyright (c) University of Cambridge 1995 - 2015 */ /* See the file NOTICE for conditions of use and distribution. */ +/* SPDX-License-Identifier: GPL-2.0-only */ /* The idea for this code came from Matthew Byng-Maddick, but his original has been heavily reworked a lot for Exim 4 (and it now uses stat() (more precisely: @@ -25,14 +27,12 @@ it open, because the "search" can be done by a call to lstat() rather than actually scanning through the list of files. */ static void * -dsearch_open(uschar *dirname, uschar **errmsg) +dsearch_open(const uschar * dirname, uschar ** errmsg) { -DIR *dp = opendir(CS dirname); -if (dp == NULL) +DIR * dp = exim_opendir(dirname); +if (!dp) { - int save_errno = errno; - *errmsg = string_open_failed(errno, "%s for directory search", dirname); - errno = save_errno; + *errmsg = string_open_failed("%s for directory search", dirname); return NULL; } closedir(dp); @@ -47,13 +47,16 @@ return (void *)(-1); /* The handle will always be (void *)(-1), but don't try casting it to an integer as this gives warnings on 64-bit systems. */ -BOOL -static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) +static BOOL +dsearch_check(void * handle, const uschar * filename, int modemask, + uid_t * owners, gid_t * owngroups, uschar ** errmsg) { handle = handle; -return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups, - "dsearch", errmsg) == 0; +if (*filename == '/') + return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups, + "dsearch", errmsg) == 0; +*errmsg = string_sprintf("dirname '%s' for dsearch is not absolute", filename); +return FALSE; } @@ -61,21 +64,26 @@ return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups, * Find entry point * *************************************************/ +#define RET_FULL BIT(0) +#define FILTER_TYPE BIT(1) +#define FILTER_ALL BIT(1) +#define FILTER_FILE BIT(2) +#define FILTER_DIR BIT(3) +#define FILTER_SUBDIR BIT(4) + /* See local README for interface description. We use lstat() instead of scanning the directory, as it is hopefully faster to let the OS do the scanning for us. */ static int -dsearch_find(void *handle, uschar *dirname, const uschar *keystring, int length, - uschar **result, uschar **errmsg, uint *do_cache) +dsearch_find(void * handle, const uschar * dirname, const uschar * keystring, + int length, uschar ** result, uschar ** errmsg, uint * do_cache, + const uschar * opts) { struct stat statbuf; int save_errno; uschar * filename; - -handle = handle; /* Keep picky compilers happy */ -length = length; -do_cache = do_cache; +unsigned flags = 0; if (Ustrchr(keystring, '/') != 0) { @@ -84,17 +92,47 @@ if (Ustrchr(keystring, '/') != 0) return DEFER; } +if (opts) + { + int sep = ','; + uschar * ele; + + while ((ele = string_nextinlist(&opts, &sep, NULL, 0))) + if (Ustrcmp(ele, "ret=full") == 0) + flags |= RET_FULL; + else if (Ustrncmp(ele, "filter=", 7) == 0) + { + ele += 7; + if (Ustrcmp(ele, "file") == 0) + flags |= FILTER_TYPE | FILTER_FILE; + else if (Ustrcmp(ele, "dir") == 0) + flags |= FILTER_TYPE | FILTER_DIR; + else if (Ustrcmp(ele, "subdir") == 0) + flags |= FILTER_TYPE | FILTER_SUBDIR; /* like dir but not "." or ".." */ + } + } + filename = string_sprintf("%s/%s", dirname, keystring); -if (Ulstat(filename, &statbuf) >= 0) +if ( Ulstat(filename, &statbuf) >= 0 + && ( !(flags & FILTER_TYPE) + || (flags & FILTER_FILE && S_ISREG(statbuf.st_mode)) + || ( flags & (FILTER_DIR | FILTER_SUBDIR) + && S_ISDIR(statbuf.st_mode) + && ( flags & FILTER_DIR + || keystring[0] != '.' + || keystring[1] && keystring[1] != '.' + ) ) ) ) { - *result = string_copy(keystring); + /* Since the filename exists in the filesystem, we can return a + non-tainted result. */ + *result = string_copy_taint(flags & RET_FULL ? filename : keystring, GET_UNTAINTED); return OK; } -if (errno == ENOENT) return FAIL; +if (errno == ENOENT || errno == 0) return FAIL; save_errno = errno; -*errmsg = string_sprintf("%s: lstat failed", filename); +*errmsg = string_sprintf("%s: lstat: %s", filename, strerror(errno)); errno = save_errno; return DEFER; } @@ -121,25 +159,26 @@ handle = handle; /* Avoid compiler warning */ #include "../version.h" -void -dsearch_version_report(FILE *f) +gstring * +dsearch_version_report(gstring * g) { #ifdef DYNLOOKUP -fprintf(f, "Library version: dsearch: Exim version %s\n", EXIM_VERSION_STR); +g = string_fmt_append(g, "Library version: dsearch: Exim version %s\n", EXIM_VERSION_STR); #endif +return g; } static lookup_info _lookup_info = { - US"dsearch", /* lookup name */ - lookup_absfile, /* uses absolute file name */ - dsearch_open, /* open function */ - dsearch_check, /* check function */ - dsearch_find, /* find function */ - dsearch_close, /* close function */ - NULL, /* no tidy function */ - NULL, /* no quoting function */ - dsearch_version_report /* version reporting */ + .name = US"dsearch", /* lookup name */ + .type = lookup_absfile, /* uses absolute file name */ + .open = dsearch_open, /* open function */ + .check = dsearch_check, /* check function */ + .find = dsearch_find, /* find function */ + .close = dsearch_close, /* close function */ + .tidy = NULL, /* no tidy function */ + .quote = NULL, /* no quoting function */ + .version_report = dsearch_version_report /* version reporting */ }; #ifdef DYNLOOKUP