X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/db3f7b6972f3b003c0413b78afcfbe295ffe0b97..3c90bbcdc7cf73298156f7bcd5f5e750e7814e72:/src/src/sieve.c diff --git a/src/src/sieve.c b/src/src/sieve.c index 2317f2eeb..9571351f0 100644 --- a/src/src/sieve.c +++ b/src/src/sieve.c @@ -3,7 +3,7 @@ *************************************************/ /* Copyright (c) Michael Haardt 2003 - 2015 - * Copyright (c) The Exim Maintainers 2016 - 2018 + * Copyright (c) The Exim Maintainers 2016 - 2020 * See the file NOTICE for conditions of use and distribution. */ @@ -245,7 +245,7 @@ for (int pass = 0; pass <= 1; pass++) dst->length=0; else { - dst->character=store_get(dst->length+1); /* plus one for \0 */ + dst->character = store_get(dst->length+1, is_tainted(src->character)); /* plus one for \0 */ new=dst->character; } for (const uschar * start = src->character, * end = start + src->length; @@ -328,7 +328,7 @@ if (address->length>0) { ss = parse_extract_address(address->character, &error, &start, &end, &domain, FALSE); - if (ss == NULL) + if (!ss) { filter->errmsg=string_sprintf("malformed address \"%s\" (%s)", address->character, error); @@ -444,9 +444,9 @@ if (*uri && *uri!='?') filter->errmsg=US"Invalid URI encoding"; return -1; } - new=store_get(sizeof(string_item)); - new->text=store_get(to.length+1); - if (to.length) memcpy(new->text,to.character,to.length); + new=store_get(sizeof(string_item), FALSE); + new->text = store_get(to.length+1, is_tainted(to.character)); + if (to.length) memcpy(new->text, to.character, to.length); new->text[to.length]='\0'; new->next=*recipient; *recipient=new; @@ -502,9 +502,9 @@ if (*uri=='?') } if (hname.length==2 && strcmpic(hname.character, US"to")==0) { - new=store_get(sizeof(string_item)); - new->text=store_get(hvalue.length+1); - if (hvalue.length) memcpy(new->text,hvalue.character,hvalue.length); + new=store_get(sizeof(string_item), FALSE); + new->text = store_get(hvalue.length+1, is_tainted(hvalue.character)); + if (hvalue.length) memcpy(new->text, hvalue.character, hvalue.length); new->text[hvalue.length]='\0'; new->next=*recipient; *recipient=new; @@ -1087,7 +1087,8 @@ uschar *errmsg; value->length=0; value->character=(uschar*)0; -t=r=s=expand_string(string_sprintf("$rheader_%s",quote(header))); +t = r = s = expand_string(string_sprintf("$rheader_%s",quote(header))); +if (!t) return; while (*r==' ' || *r=='\t') ++r; while (*r) { @@ -1728,7 +1729,7 @@ if (*filter->pc=='[') /* string list */ struct String *new; dataCapacity = dataCapacity ? dataCapacity * 2 : 4; - new = store_get(sizeof(struct String) * dataCapacity); + new = store_get(sizeof(struct String) * dataCapacity, FALSE); if (d) memcpy(new,d,sizeof(struct String)*dataLength); d = new; @@ -1766,15 +1767,13 @@ if (*filter->pc=='[') /* string list */ } else /* single string */ { - if ((d=store_get(sizeof(struct String)*2))==(struct String*)0) - { + if (!(d=store_get(sizeof(struct String)*2, FALSE))) return -1; - } + m=parse_string(filter,&d[0]); if (m==-1) - { return -1; - } + else if (m==0) { filter->pc=orig; @@ -2119,8 +2118,7 @@ if (parse_identifier(filter,CUS "address")) if (exec) { /* We are only interested in addresses below, so no MIME decoding */ - header_value=expand_string(string_sprintf("$rheader_%s",quote(h))); - if (header_value == NULL) + if (!(header_value = expand_string(string_sprintf("$rheader_%s",quote(h))))) { filter->errmsg=CUS "header string expansion failed"; return -1; @@ -2227,8 +2225,8 @@ else if (parse_identifier(filter,CUS "exists")) { uschar *header_def; - header_def=expand_string(string_sprintf("${if def:header_%s {true}{false}}",quote(h))); - if (header_def == NULL) + header_def = expand_string(string_sprintf("${if def:header_%s {true}{false}}",quote(h))); + if (!header_def) { filter->errmsg=CUS "header string expansion failed"; return -1; @@ -2311,8 +2309,8 @@ else if (parse_identifier(filter,CUS "header")) uschar *header_def; expand_header(&header_value,h); - header_def=expand_string(string_sprintf("${if def:header_%s {true}{false}}",quote(h))); - if (header_value.character == NULL || header_def == NULL) + header_def = expand_string(string_sprintf("${if def:header_%s {true}{false}}",quote(h))); + if (!header_value.character || !header_def) { filter->errmsg=CUS "header string expansion failed"; return -1; @@ -2495,7 +2493,7 @@ else if (parse_identifier(filter,CUS "envelope")) } if (exec && envelopeExpr) { - if ((envelope=expand_string(US envelopeExpr)) == NULL) + if (!(envelope=expand_string(US envelopeExpr))) { filter->errmsg=CUS "header string expansion failed"; return -1; @@ -2992,7 +2990,13 @@ while (*filter->pc) subject.character=(uschar*)0; body.length=-1; body.character=(uschar*)0; - envelope_from=(sender_address && sender_address[0]) ? expand_string(US"$local_part_prefix$local_part$local_part_suffix@$domain") : US ""; + envelope_from = sender_address && sender_address[0] + ? expand_string(US"$local_part_prefix$local_part$local_part_suffix@$domain") : US ""; + if (!envelope_from) + { + filter->errmsg=CUS "expansion failure for envelope from"; + return -1; + } for (;;) { if (parse_white(filter)==-1) return -1; @@ -3048,8 +3052,8 @@ while (*filter->pc) if (message.length==-1) message=subject; if (message.length==-1) expand_header(&message,&str_subject); expand_header(&auto_submitted_value,&str_auto_submitted); - auto_submitted_def=expand_string(string_sprintf("${if def:header_auto-submitted {true}{false}}")); - if (auto_submitted_value.character == NULL || auto_submitted_def == NULL) + auto_submitted_def=expand_string(US"${if def:header_auto-submitted {true}{false}}"); + if (!auto_submitted_value.character || !auto_submitted_def) { filter->errmsg=CUS "header string expansion failed"; return -1; @@ -3069,8 +3073,7 @@ while (*filter->pc) if (!already) /* New notification, process it */ { - struct Notification *sent; - sent=store_get(sizeof(struct Notification)); + struct Notification * sent = store_get(sizeof(struct Notification), FALSE); sent->method=method; sent->importance=importance; sent->message=message; @@ -3081,14 +3084,14 @@ while (*filter->pc) { int pid, fd; - if ((pid = child_open_exim2(&fd,envelope_from,envelope_from))>=1) + if ((pid = child_open_exim2(&fd, envelope_from, envelope_from, + US"sieve-notify")) >= 1) { - FILE *f; - uschar *buffer; - int buffer_capacity; + FILE * f = fdopen(fd, "wb"); - f = fdopen(fd, "wb"); - fprintf(f,"From: %s\n",from.length==-1 ? expand_string(US"$local_part_prefix$local_part$local_part_suffix@$domain") : from.character); + fprintf(f,"From: %s\n", from.length == -1 + ? expand_string(US"$local_part_prefix$local_part$local_part_suffix@$domain") + : from.character); for (string_item * p = recipient; p; p=p->next) fprintf(f,"To: %s\n",p->text); fprintf(f,"Auto-Submitted: auto-notified; %s\n",filter->enotify_mailto_owner); @@ -3098,10 +3101,9 @@ while (*filter->pc) message.character=US"Notification"; message.length=Ustrlen(message.character); } - /* Allocation is larger than necessary, but enough even for split MIME words */ - buffer_capacity=32+4*message.length; - buffer=store_get(buffer_capacity); - if (message.length!=-1) fprintf(f,"Subject: %s\n",parse_quote_2047(message.character, message.length, US"utf-8", buffer, buffer_capacity, TRUE)); + if (message.length != -1) + fprintf(f, "Subject: %s\n", parse_quote_2047(message.character, + message.length, US"utf-8", TRUE)); fprintf(f,"\n"); if (body.length>0) fprintf(f,"%s\n",body.character); fflush(f); @@ -3109,27 +3111,17 @@ while (*filter->pc) (void)child_close(pid, 0); } } - if ((filter_test != FTEST_NONE && debug_selector != 0) || (debug_selector & D_filter) != 0) - { + if ((filter_test != FTEST_NONE && debug_selector != 0) || debug_selector & D_filter) debug_printf("Notification to `%s': '%s'.\n",method.character,message.length!=-1 ? message.character : CUS ""); - } #endif } else - { - if ((filter_test != FTEST_NONE && debug_selector != 0) || (debug_selector & D_filter) != 0) - { + if ((filter_test != FTEST_NONE && debug_selector != 0) || debug_selector & D_filter) debug_printf("Repeated notification to `%s' ignored.\n",method.character); - } - } } else - { - if ((filter_test != FTEST_NONE && debug_selector != 0) || (debug_selector & D_filter) != 0) - { + if ((filter_test != FTEST_NONE && debug_selector != 0) || debug_selector & D_filter) debug_printf("Ignoring notification, triggering message contains Auto-submitted: field.\n"); - } - } } } #endif @@ -3220,9 +3212,9 @@ while (*filter->pc) } for (struct String * a = addresses; a->length != -1; ++a) { - string_item * new = store_get(sizeof(string_item)); + string_item * new = store_get(sizeof(string_item), FALSE); - new->text=store_get(a->length+1); + new->text = store_get(a->length+1, is_tainted(a->character)); if (a->length) memcpy(new->text,a->character,a->length); new->text[a->length]='\0'; new->next=aliases; @@ -3265,8 +3257,6 @@ while (*filter->pc) if (exec) { address_item *addr; - uschar *buffer; - int buffer_capacity; md5 base; uschar digest[16]; uschar hexdigest[33]; @@ -3313,8 +3303,8 @@ while (*filter->pc) { uschar *subject_def; - subject_def=expand_string(US"${if def:header_subject {true}{false}}"); - if (Ustrcmp(subject_def,"true")==0) + subject_def = expand_string(US"${if def:header_subject {true}{false}}"); + if (subject_def && Ustrcmp(subject_def,"true")==0) { gstring * g = string_catn(NULL, US"Auto: ", 6); @@ -3337,18 +3327,15 @@ while (*filter->pc) addr->prop.ignore_error = TRUE; addr->next = *generated; *generated = addr; - addr->reply = store_get(sizeof(reply_item)); + addr->reply = store_get(sizeof(reply_item), FALSE); memset(addr->reply,0,sizeof(reply_item)); /* XXX */ addr->reply->to = string_copy(sender_address); if (from.length==-1) addr->reply->from = expand_string(US"$local_part@$domain"); else addr->reply->from = from.character; - /* Allocation is larger than necessary, but enough even for split MIME words */ - buffer_capacity=32+4*subject.length; - buffer=store_get(buffer_capacity); /* deconst cast safe as we pass in a non-const item */ - addr->reply->subject = US parse_quote_2047(subject.character, subject.length, US"utf-8", buffer, buffer_capacity, TRUE); + addr->reply->subject = US parse_quote_2047(subject.character, subject.length, US"utf-8", TRUE); addr->reply->oncelog = string_from_gstring(once); addr->reply->once_repeat=days*86400; @@ -3447,27 +3434,24 @@ if (exec && filter->vacation_directory != NULL && filter_test == FTEST_NONE) /* clean up old vacation log databases */ - oncelogdir=opendir(CS filter->vacation_directory); - - if (oncelogdir ==(DIR*)0 && errno != ENOENT) + if ( !(oncelogdir = exim_opendir(filter->vacation_directory)) + && errno != ENOENT) { - filter->errmsg=CUS "unable to open vacation directory"; + filter->errmsg = CUS "unable to open vacation directory"; return -1; } - if (oncelogdir != NULL) + if (oncelogdir) { time(&now); - while ((oncelog=readdir(oncelogdir))!=(struct dirent*)0) - { + while ((oncelog = readdir(oncelogdir))) if (strlen(oncelog->d_name)==32) { - uschar *s=string_sprintf("%s/%s",filter->vacation_directory,oncelog->d_name); + uschar *s = string_sprintf("%s/%s",filter->vacation_directory,oncelog->d_name); if (Ustat(s,&properties)==0 && (properties.st_mtime+VACATION_MAX_DAYS*86400)