X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/aa2b5c79bb551ce28868d751715aed7c6c21d053..06faf21f3a84a3ac4aa4f7b1512087423d8c8541:/src/src/exim_dbmbuild.c diff --git a/src/src/exim_dbmbuild.c b/src/src/exim_dbmbuild.c index f4e47387a..3bb226611 100644 --- a/src/src/exim_dbmbuild.c +++ b/src/src/exim_dbmbuild.c @@ -1,10 +1,8 @@ -/* $Cambridge: exim/src/src/exim_dbmbuild.c,v 1.5 2005/08/30 09:19:33 ph10 Exp $ */ - /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2005 */ +/* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ @@ -32,6 +30,7 @@ characters. */ #include "exim.h" +uschar * spool_directory = NULL; /* dummy for dbstuff.h */ #define max_insize 20000 #define max_outsize 100000 @@ -39,7 +38,7 @@ characters. */ /* This is global because it's defined in the headers and compilers grumble if it is made static. */ -uschar *hex_digits = US"0123456789abcdef"; +const uschar *hex_digits = CUS"0123456789abcdef"; #ifdef STRERROR_FROM_ERRLIST @@ -90,10 +89,10 @@ Returns: the value of the character escape */ int -string_interpret_escape(uschar **pp) +string_interpret_escape(const uschar **pp) { int ch; -uschar *p = *pp; +const uschar *p = *pp; ch = *(++p); if (isdigit(ch) && ch != '8' && ch != '9') { @@ -151,8 +150,9 @@ EXIM_DB *d; EXIM_DATUM key, content; uschar *bptr; uschar keybuffer[256]; -uschar temp_dbmname[256]; -uschar real_dbmname[256]; +uschar temp_dbmname[512]; +uschar real_dbmname[512]; +uschar dirname[512]; uschar *buffer = malloc(max_outsize); uschar *line = malloc(max_insize); @@ -195,13 +195,28 @@ if (Ustrcmp(argv[arg], argv[arg+1]) == 0) } #endif +/* Check length of filename; allow for adding .dbmbuild_temp and .db or +.dir/.pag later. */ + +if (strlen(argv[arg+1]) > sizeof(temp_dbmname) - 20) + { + printf("exim_dbmbuild: output filename is ridiculously long\n"); + exit(1); + } + Ustrcpy(temp_dbmname, argv[arg+1]); Ustrcat(temp_dbmname, ".dbmbuild_temp"); +Ustrcpy(dirname, temp_dbmname); +if ((bptr = Ustrrchr(dirname, '/'))) + *bptr = '\0'; +else + Ustrcpy(dirname, "."); + /* It is apparently necessary to open with O_RDWR for this to work with gdbm-1.7.3, though no reading is actually going to be done. */ -EXIM_DBOPEN(temp_dbmname, O_RDWR|O_CREAT|O_EXCL, 0644, &d); +EXIM_DBOPEN(temp_dbmname, dirname, O_RDWR|O_CREAT|O_EXCL, 0644, &d); if (d == NULL) { @@ -289,22 +304,21 @@ while (Ufgets(line, max_insize, f) != NULL) switch(rc = EXIM_DBPUTB(d, key, content)) { case EXIM_DBPUTB_OK: - count++; - break; + count++; + break; case EXIM_DBPUTB_DUP: - if (warn) fprintf(stderr, "** Duplicate key \"%s\"\n", - keybuffer); - dupcount++; - if(duperr) yield = 1; - if (lastdup) EXIM_DBPUT(d, key, content); - break; + if (warn) fprintf(stderr, "** Duplicate key \"%s\"\n", keybuffer); + dupcount++; + if(duperr) yield = 1; + if (lastdup) EXIM_DBPUT(d, key, content); + break; default: - fprintf(stderr, "Error %d while writing key %s: errno=%d\n", rc, - keybuffer, errno); - yield = 2; - goto TIDYUP; + fprintf(stderr, "Error %d while writing key %s: errno=%d\n", rc, + keybuffer, errno); + yield = 2; + goto TIDYUP; } bptr = buffer; @@ -322,8 +336,9 @@ while (Ufgets(line, max_insize, f) != NULL) keystart = t; while (*s != 0 && *s != '\"') { - if (*s == '\\') *t++ = string_interpret_escape(&s); - else *t++ = *s; + *t++ = *s == '\\' + ? string_interpret_escape((const uschar **)&s) + : *s; s++; } if (*s != 0) s++; /* Past terminating " */ @@ -345,15 +360,11 @@ while (Ufgets(line, max_insize, f) != NULL) } if (lowercase) - { for (i = 0; i < EXIM_DATUM_SIZE(key) - add_zero; i++) keybuffer[i] = tolower(keystart[i]); - } else - { for (i = 0; i < EXIM_DATUM_SIZE(key) - add_zero; i++) keybuffer[i] = keystart[i]; - } keybuffer[i] = 0; started = 1; @@ -471,9 +482,11 @@ if (yield == 0 || yield == 1) else { printf("dbmbuild abandoned\n"); - #if defined(USE_DB) || defined(USE_TDB) || defined(USE_GDBM) +#if defined(USE_DB) || defined(USE_TDB) || defined(USE_GDBM) + /* We created it, so safe to delete despite the name coming from outside */ + /* coverity[tainted_string] */ Uunlink(temp_dbmname); - #else +#else if (is_db) { sprintf(CS real_dbmname, "%s.db", temp_dbmname); @@ -486,7 +499,7 @@ else sprintf(CS real_dbmname, "%s.pag", temp_dbmname); Uunlink(real_dbmname); } - #endif /* USE_DB || USE_TDB */ +#endif /* USE_DB || USE_TDB */ } return yield;