X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/55414b25bee9f0195ccd1e47f3d3b5cba766e099..a5dc727afcc92deab722a84ae5cf3d00ae74c5f6:/src/src/lookups/dsearch.c

diff --git a/src/src/lookups/dsearch.c b/src/src/lookups/dsearch.c
index c041bbbb5..0509a761b 100644
--- a/src/src/lookups/dsearch.c
+++ b/src/src/lookups/dsearch.c
@@ -2,7 +2,7 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2009 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* The idea for this code came from Matthew Byng-Maddick, but his original has
@@ -25,10 +25,10 @@ it open, because the "search" can be done by a call to lstat() rather than
 actually scanning through the list of files. */
 
 static void *
-dsearch_open(uschar *dirname, uschar **errmsg)
+dsearch_open(const uschar * dirname, uschar ** errmsg)
 {
-DIR *dp = opendir(CS dirname);
-if (dp == NULL)
+DIR * dp = exim_opendir(dirname);
+if (!dp)
   {
   int save_errno = errno;
   *errmsg = string_open_failed(errno, "%s for directory search", dirname);
@@ -47,13 +47,16 @@ return (void *)(-1);
 /* The handle will always be (void *)(-1), but don't try casting it to an
 integer as this gives warnings on 64-bit systems. */
 
-BOOL
-static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners,
-  gid_t *owngroups, uschar **errmsg)
+static BOOL
+dsearch_check(void * handle, const uschar * filename, int modemask,
+  uid_t * owners, gid_t * owngroups, uschar ** errmsg)
 {
 handle = handle;
-return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups,
-  "dsearch", errmsg) == 0;
+if (*filename == '/')
+  return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups,
+    "dsearch", errmsg) == 0;
+*errmsg = string_sprintf("dirname '%s' for dsearch is not absolute", filename);
+return FALSE;
 }
 
 
@@ -61,17 +64,21 @@ return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups,
 *              Find entry point                  *
 *************************************************/
 
+#define RET_FULL	BIT(0)
+
 /* See local README for interface description. We use lstat() instead of
 scanning the directory, as it is hopefully faster to let the OS do the scanning
 for us. */
 
-int
-static dsearch_find(void *handle, uschar *dirname, const uschar *keystring, int length,
-  uschar **result, uschar **errmsg, BOOL *do_cache)
+static int
+dsearch_find(void * handle, const uschar * dirname, const uschar * keystring,
+  int length, uschar ** result, uschar ** errmsg, uint * do_cache,
+  const uschar * opts)
 {
 struct stat statbuf;
 int save_errno;
-uschar filename[PATH_MAX];
+uschar * filename;
+unsigned flags = 0;
 
 handle = handle;  /* Keep picky compilers happy */
 length = length;
@@ -84,15 +91,22 @@ if (Ustrchr(keystring, '/') != 0)
   return DEFER;
   }
 
-if (!string_format(filename, sizeof(filename), "%s/%s", dirname, keystring))
+if (opts)
   {
-  *errmsg = US"path name too long";
-  return DEFER;
+  int sep = ',';
+  uschar * ele;
+
+  while ((ele = string_nextinlist(&opts, &sep, NULL, 0)))
+    if (Ustrcmp(ele, "ret=full") == 0)
+      flags |= RET_FULL;
   }
 
+filename = string_sprintf("%s/%s", dirname, keystring);
 if (Ulstat(filename, &statbuf) >= 0)
   {
-  *result = string_copy(keystring);
+  /* Since the filename exists in the filesystem, we can return a
+  non-tainted result. */
+  *result = string_copy_taint(flags & RET_FULL ? filename : keystring, FALSE);
   return OK;
   }