X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/d7d7b7b91dd75cec636fc144da7e27eed860f971..55414b25bee9f0195ccd1e47f3d3b5cba766e099:/src/src/exim_dbmbuild.c

diff --git a/src/src/exim_dbmbuild.c b/src/src/exim_dbmbuild.c
index f34448dd3..729c2eb4c 100644
--- a/src/src/exim_dbmbuild.c
+++ b/src/src/exim_dbmbuild.c
@@ -1,10 +1,8 @@
-/* $Cambridge: exim/src/src/exim_dbmbuild.c,v 1.6 2006/02/07 11:19:00 ph10 Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2006 */
+/* Copyright (c) University of Cambridge 1995 - 2009 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 
@@ -39,7 +37,7 @@ characters. */
 /* This is global because it's defined in the headers and compilers grumble
 if it is made static. */
 
-uschar *hex_digits = US"0123456789abcdef";
+const uschar *hex_digits = CUS"0123456789abcdef";
 
 
 #ifdef STRERROR_FROM_ERRLIST
@@ -90,10 +88,10 @@ Returns:   the value of the character escape
 */
 
 int
-string_interpret_escape(uschar **pp)
+string_interpret_escape(const uschar **pp)
 {
 int ch;
-uschar *p = *pp;
+const uschar *p = *pp;
 ch = *(++p);
 if (isdigit(ch) && ch != '8' && ch != '9')
   {
@@ -151,8 +149,8 @@ EXIM_DB *d;
 EXIM_DATUM key, content;
 uschar *bptr;
 uschar  keybuffer[256];
-uschar  temp_dbmname[256];
-uschar  real_dbmname[256];
+uschar  temp_dbmname[512];
+uschar  real_dbmname[512];
 uschar *buffer = malloc(max_outsize);
 uschar *line = malloc(max_insize);
 
@@ -195,6 +193,15 @@ if (Ustrcmp(argv[arg], argv[arg+1]) == 0)
   }
 #endif
 
+/* Check length of filename; allow for adding .dbmbuild_temp and .db or
+.dir/.pag later. */
+
+if (strlen(argv[arg+1]) > sizeof(temp_dbmname) - 20)
+  {
+  printf("exim_dbmbuild: output filename is ridiculously long\n");
+  exit(1);
+  }
+
 Ustrcpy(temp_dbmname, argv[arg+1]);
 Ustrcat(temp_dbmname, ".dbmbuild_temp");
 
@@ -322,7 +329,7 @@ while (Ufgets(line, max_insize, f) != NULL)
       keystart = t;
       while (*s != 0 && *s != '\"')
         {
-        if (*s == '\\') *t++ = string_interpret_escape(&s);
+        if (*s == '\\') *t++ = string_interpret_escape((const uschar **)&s);
           else *t++ = *s;
         s++;
         }