CHMOD_COMMAND=/bin/chmod
CFLAGS=-O2 -Wall -Wno-parentheses -Wno-self-assign -Wno-logical-op-parentheses
+CFLAGS += -DTAINT_CHECK_SLOW
LIBS=-lm
extern int ip_streamsocket(const uschar *, uschar **, int);
extern int ipv6_nmtoa(int *, uschar *);
+extern BOOL is_tainted_fn(const void *);
extern uschar *local_part_quote(uschar *);
extern int log_create(uschar *);
{
#if defined(COMPILE_UTILITY) || defined(MACRO_PREDEF)
return FALSE;
+
+#elif defined(TAINT_CHECK_SLOW)
+return is_tainted_fn(p);
+
#else
extern void * tainted_base, * tainted_top;
return p >= tainted_base && p < tainted_top;
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
"wrong owner, group, or mode", big_buffer);
- }
-/* Do a dummy store-allocation of a size related to the (toplevel) file size.
-This assumes we will need this much storage to handle all the allocations
-during startup; it won't help when .include is being used. When it does, it
-will cut down on the number of store blocks (and malloc calls, and sbrk
-syscalls). It also assume we're on the relevant pool. */
+ /* Do a dummy store-allocation of a size related to the (toplevel) file size.
+ This assumes we will need this much storage to handle all the allocations
+ during startup; it won't help when .include is being used. When it does, it
+ will cut down on the number of store blocks (and malloc calls, and sbrk
+ syscalls). It also assume we're on the relevant pool. */
-if (statbuf.st_size > 8192)
- {
- rmark r = store_mark();
- void * dummy = store_get((int)statbuf.st_size, FALSE);
- store_reset(r);
+ if (statbuf.st_size > 8192)
+ {
+ rmark r = store_mark();
+ void * dummy = store_get((int)statbuf.st_size, FALSE);
+ store_reset(r);
+ }
}
/* Process the main configuration settings. They all begin with a lower case
/******************************************************************************/
+/* Slower version check, for use when platform intermixes malloc and mmap area
+addresses. */
+
+BOOL
+is_tainted_fn(const void * p)
+{
+storeblock * b;
+int pool;
+
+for (pool = 0; pool < nelem(chainbase); pool++)
+ if ((b = current_block[pool]))
+ {
+ char * bc = CS b + ALIGNED_SIZEOF_STOREBLOCK;
+ if (CS p >= bc && CS p <= bc + b->length) goto hit;
+ }
+
+for (pool = 0; pool < nelem(chainbase); pool++)
+ for (b = chainbase[pool]; b; b = b->next)
+ {
+ char * bc = CS b + ALIGNED_SIZEOF_STOREBLOCK;
+ if (CS p >= bc && CS p <= bc + b->length) goto hit;
+ }
+return FALSE;
+
+hit:
+return pool >= POOL_TAINT_BASE;
+}
+
+
void
die_tainted(const uschar * msg, const uschar * func, int line)
{
#include "../exim.h"
#include "smtp.h"
+#if defined(SUPPORT_DANE) && defined(DISABLE_TLS)
+# error TLS is required for DANE
+#endif
+
/* Options specific to the smtp transport. This transport also supports LMTP
over TCP/IP. The options must be in alphabetic order (note that "_" comes
if ((*s < 33) || (*s > 126))
{
*msgptr = string_sprintf("Invalid character in header \"%.*s\" found",
- colon - h->text, h->text);
+ (int)(colon - h->text), h->text);
return FAIL;
}
}
git://git.exim.org / exim.git / commitdiff