X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/4fab92fbc2b63bac2d89c1dae69fa1845cb640b7..1d28cc061677bd07d9bed48dd84bd5c590247043:/src/src/lookups/oracle.c diff --git a/src/src/lookups/oracle.c b/src/src/lookups/oracle.c index d3fba5e4c..d0604c245 100644 --- a/src/src/lookups/oracle.c +++ b/src/src/lookups/oracle.c @@ -2,8 +2,10 @@ * Exim - an Internet mail transport agent * *************************************************/ +/* Copyright (c) The Exim Maintainers 2020 - 2022 */ /* Copyright (c) University of Cambridge 1995 - 2015 */ /* See the file NOTICE for conditions of use and distribution. */ +/* SPDX-License-Identifier: GPL-2.0-or-later */ /* Interface to an Oracle database. This code was originally supplied by Paul Kelly, but I have hacked it around for various reasons, and tried to add @@ -196,7 +198,7 @@ return col; /* See local README for interface description. */ static void * -oracle_open(uschar *filename, uschar **errmsg) +oracle_open(const uschar * filename, uschar ** errmsg) { return (void *)(1); /* Just return something non-null */ } @@ -216,7 +218,7 @@ oracle_connection *cn; while ((cn = oracle_connections) != NULL) { oracle_connections = cn->next; - DEBUG(D_lookup) debug_printf("close ORACLE connection: %s\n", cn->server); + DEBUG(D_lookup) debug_printf_indent("close ORACLE connection: %s\n", cn->server); ologof(cn->handle); } } @@ -254,23 +256,19 @@ Ora_Describe *desc = NULL; Ora_Define *def = NULL; void *hda = NULL; -int i; -int ssize = 0; -int offset = 0; int yield = DEFER; unsigned int num_fields = 0; -uschar *result = NULL; +gstring * result = NULL; oracle_connection *cn = NULL; uschar *server_copy = NULL; uschar *sdata[4]; -uschar tmp[1024]; /* Disaggregate the parameters from the server argument. The order is host, database, user, password. We can write to the string, since it is in a nextinlist temporary buffer. The copy of the string that is used for caching has the password removed. This copy is also used for debugging output. */ -for (i = 3; i > 0; i--) +for (int i = 3; i > 0; i--) { uschar *pp = Ustrrchr(server, '/'); if (pp == NULL) @@ -292,27 +290,25 @@ if (sdata[1][0] == 0) sdata[1] = NULL; /* See if we have a cached connection to the server */ -for (cn = oracle_connections; cn != NULL; cn = cn->next) - { +for (cn = oracle_connections; cn; cn = cn->next) if (strcmp(cn->server, server_copy) == 0) { oracle_handle = cn->handle; hda = cn->hda_mem; break; } - } /* If no cached connection, we must set one up */ -if (cn == NULL) +if (!cn) { - DEBUG(D_lookup) debug_printf("ORACLE new connection: host=%s database=%s " + DEBUG(D_lookup) debug_printf_indent("ORACLE new connection: host=%s database=%s " "user=%s\n", sdata[0], sdata[1], sdata[2]); /* Get store for a new connection, initialize it, and connect to the server */ - oracle_handle = store_get(sizeof(struct cda_def)); - hda = store_get(HDA_SIZE); + oracle_handle = store_get(sizeof(struct cda_def), GET_UNTAINTED); + hda = store_get(HDA_SIZE, GET_UNTAINTED); memset(hda,'\0',HDA_SIZE); /* @@ -335,7 +331,7 @@ if (cn == NULL) /* Add the connection to the cache */ - cn = store_get(sizeof(oracle_connection)); + cn = store_get(sizeof(oracle_connection), GET_UNTAINTED); cn->server = server_copy; cn->handle = oracle_handle; cn->next = oracle_connections; @@ -349,12 +345,12 @@ to obliterate the password because it is in a nextinlist temporary buffer. */ else { DEBUG(D_lookup) - debug_printf("ORACLE using cached connection for %s\n", server_copy); + debug_printf_indent("ORACLE using cached connection for %s\n", server_copy); } /* We have a connection. Open a cursor and run the query */ -cda = store_get(sizeof(Cda_Def)); +cda = store_get(sizeof(Cda_Def), GET_UNTAINTED); if (oopen(cda, oracle_handle, (text *)0, -1, -1, (text *)0, -1) != 0) { @@ -375,8 +371,8 @@ if (oparse(cda, (text *)query, (sb4) -1, /* Find the number of fields returned and sort out their types. If the number is one, we don't add field names to the data. Otherwise we do. */ -def = store_get(sizeof(Ora_Define)*MAX_SELECT_LIST_SIZE); -desc = store_get(sizeof(Ora_Describe)*MAX_SELECT_LIST_SIZE); +def = store_get(sizeof(Ora_Define)*MAX_SELECT_LIST_SIZE, GET_UNTAINTED); +desc = store_get(sizeof(Ora_Describe)*MAX_SELECT_LIST_SIZE, GET_UNTAINTED); if ((num_fields = describe_define(cda,def,desc)) == -1) { @@ -400,16 +396,16 @@ while (cda->rc != NO_DATA_FOUND) /* Loop for each row */ ofetch(cda); if(cda->rc == NO_DATA_FOUND) break; - if (result) result = string_catn(result, &ssize, &offset, "\n", 1); + if (result) result = string_catn(result, "\n", 1); /* Single field - just add on the data */ if (num_fields == 1) - result = string_catn(result, &ssize, &offset, def[0].buf, def[0].col_retlen); + result = string_catn(result, def[0].buf, def[0].col_retlen); /* Multiple fields - precede by file name, removing {lead,trail}ing WS */ - else for (i = 0; i < num_fields; i++) + else for (int i = 0; i < num_fields; i++) { int slen; uschar *s = US desc[i].buf; @@ -417,51 +413,47 @@ while (cda->rc != NO_DATA_FOUND) /* Loop for each row */ while (*s != 0 && isspace(*s)) s++; slen = Ustrlen(s); while (slen > 0 && isspace(s[slen-1])) slen--; - result = string_catn(result, &ssize, &offset, s, slen); - result = string_catn(result, &ssize, &offset, US"=", 1); + result = string_catn(result, s, slen); + result = string_catn(result, US"=", 1); - /* int and float type wont ever need escaping. Otherwise, quote the value + /* int and float type won't ever need escaping. Otherwise, quote the value if it contains spaces or is empty. */ if (desc[i].dbtype != INT_TYPE && desc[i].dbtype != FLOAT_TYPE && (def[i].buf[0] == 0 || strchr(def[i].buf, ' ') != NULL)) { - int j; - result = string_catn(result, &ssize, &offset, "\"", 1); - for (j = 0; j < def[i].col_retlen; j++) + result = string_catn(result, "\"", 1); + for (int j = 0; j < def[i].col_retlen; j++) { if (def[i].buf[j] == '\"' || def[i].buf[j] == '\\') - result = string_catn(result, &ssize, &offset, "\\", 1); - result = string_catn(result, &ssize, &offset, def[i].buf+j, 1); + result = string_catn(result, "\\", 1); + result = string_catn(result, def[i].buf+j, 1); } - result = string_catn(result, &ssize, &offset, "\"", 1); + result = string_catn(result, "\"", 1); } else switch(desc[i].dbtype) { case INT_TYPE: - sprintf(CS tmp, "%d", def[i].int_buf); - result = string_cat(result, &ssize, &offset, tmp); - break; + result = string_cat(result, string_sprintf("%d", def[i].int_buf)); + break; case FLOAT_TYPE: - sprintf(CS tmp, "%f", def[i].flt_buf); - result = string_cat(result, &ssize, &offset, tmp); - break; + result = string_cat(result, string_sprintf("%f", def[i].flt_buf)); + break; case STRING_TYPE: - result = string_catn(result, &ssize, &offset, def[i].buf, - def[i].col_retlen); - break; + result = string_catn(result, def[i].buf, def[i].col_retlen); + break; default: - *errmsg = string_sprintf("ORACLE: unknown field type %d", desc[i].dbtype); - *defer_break = FALSE; - result = NULL; - goto ORACLE_EXIT; + *errmsg = string_sprintf("ORACLE: unknown field type %d", desc[i].dbtype); + *defer_break = FALSE; + result = NULL; + goto ORACLE_EXIT; } - result = string_catn(result, &ssize, &offset, " ", 1); + result = string_catn(result, " ", 1); } } @@ -469,16 +461,13 @@ while (cda->rc != NO_DATA_FOUND) /* Loop for each row */ Otherwise, we must terminate the string which has been built; string_cat() always leaves enough room for a terminating zero. */ -if (result == NULL) +if (!result) { yield = FAIL; *errmsg = "ORACLE: no data found"; } else - { - result[offset] = 0; - store_reset(result + offset + 1); - } + gstring_release_unused(result); /* Get here by goto from various error checks. */ @@ -490,16 +479,16 @@ oclose(cda); ORACLE_EXIT_NO_VALS: -/* Non-NULL result indicates a sucessful result */ +/* Non-NULL result indicates a successful result */ -if (result != NULL) +if (result) { - *resultptr = result; + *resultptr = string_from_gstring(result); return OK; } else { - DEBUG(D_lookup) debug_printf("%s\n", *errmsg); + DEBUG(D_lookup) debug_printf_indent("%s\n", *errmsg); return yield; /* FAIL or DEFER */ } } @@ -516,26 +505,25 @@ arguments are not used. Loop through a list of servers while the query is deferred with a retryable error. */ static int -oracle_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, uint *do_cache) +oracle_find(void * handle, const uschar * filename, uschar * query, int length, + uschar ** result, uschar ** errmsg, uint * do_cache, const uschar * opts) { int sep = 0; uschar *server; uschar *list = oracle_servers; -uschar buffer[512]; do_cache = do_cache; /* Placate picky compilers */ -DEBUG(D_lookup) debug_printf("ORACLE query: %s\n", query); +DEBUG(D_lookup) debug_printf_indent("ORACLE query: %s\n", query); -while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL) +while ((server = string_nextinlist(&list, &sep, NULL, 0))) { BOOL defer_break; int rc = perform_oracle_search(query, server, result, errmsg, &defer_break); if (rc != DEFER || defer_break) return rc; } -if (oracle_servers == NULL) +if (!oracle_servers) *errmsg = "no ORACLE servers defined (oracle_servers option)"; return DEFER; @@ -556,27 +544,25 @@ messages, since that isn't likely to be treated as a pattern of any kind. Arguments: s the string to be quoted opt additional option text or NULL if none + idx lookup type index Returns: the processed string or NULL for a bad option */ static uschar * -oracle_quote(uschar *s, uschar *opt) +oracle_quote(uschar * s, uschar * opt, unsigned idx) { -register int c; -int count = 0; -uschar *t = s; -uschar *quoted; +int c, count = 0; +uschar * t = s, * quoted; -if (opt != NULL) return NULL; /* No options are recognized */ +if (opt) return NULL; /* No options are recognized */ -while ((c = *t++) != 0) +while ((c = *t++)) if (strchr("\n\t\r\b\'\"\\", c) != NULL) count++; -if (count == 0) return s; -t = quoted = store_get((int)strlen(s) + count + 1); +t = quoted = store_get_quoted((int)Ustrlen(s) + count + 1, s, idx); -while ((c = *s++) != 0) +while ((c = *s++)) { if (strchr("\n\t\r\b\'\"\\", c) != NULL) { @@ -611,25 +597,26 @@ return quoted; #include "../version.h" -void -oracle_version_report(FILE *f) +gstring * +oracle_version_report(gstring * g) { #ifdef DYNLOOKUP -fprintf(f, "Library version: Oracle: Exim version %s\n", EXIM_VERSION_STR); +g = string_fmt_append(g, "Library version: Oracle: Exim version %s\n", EXIM_VERSION_STR); #endif +return g; } static lookup_info _lookup_info = { - US"oracle", /* lookup name */ - lookup_querystyle, /* query-style lookup */ - oracle_open, /* open function */ - NULL, /* check function */ - oracle_find, /* find function */ - NULL, /* no close function */ - oracle_tidy, /* tidy function */ - oracle_quote, /* quoting function */ - oracle_version_report /* version reporting */ + .name = US"oracle", /* lookup name */ + .type = lookup_querystyle, /* query-style lookup */ + .open = oracle_open, /* open function */ + .check = NULL, /* check function */ + .find = oracle_find, /* find function */ + .close = NULL, /* no close function */ + .tidy = oracle_tidy, /* tidy function */ + .quote = oracle_quote, /* quoting function */ + .version_report = oracle_version_report /* version reporting */ }; #ifdef DYNLOOKUP