case ACLC_QUEUE:
{
uschar *m;
- if (m = is_tainted2(arg, 0, "Tainted name '%s' for queue not permitted", arg))
+ if ((m = is_tainted2(arg, 0, "Tainted name '%s' for queue not permitted", arg)))
{
*log_msgptr = m;
return ERROR;
{
uschar *tmp = expand_string(tpname);
address_file = address_pipe = NULL;
- uschar *m;
if (!tmp)
p->message = string_sprintf("failed to expand \"%s\" as a "
"system filter transport name", tpname);
{ uschar *m;
- if (m = is_tainted2(tmp, 0, "Tainted values '%s' " "for transport '%s' as a system filter", tmp, tpname))
+ if ((m = is_tainted2(tmp, 0, "Tainted values '%s' " "for transport '%s' as a system filter", tmp, tpname)))
p->message = m;
}
tpname = tmp;
expand_string_message = US"";
{ uschar *m;
-if (m = is_tainted2(string, LOG_MAIN|LOG_PANIC, "Tainted string '%s' in expansion", s))
+if ((m = is_tainted2(string, LOG_MAIN|LOG_PANIC, "Tainted string '%s' in expansion", s)))
{
expand_string_message = m;
goto EXPAND_FAILED;
/* Manually track tainting, as we deal in individual chars below */
if (is_tainted(sub))
+ {
if (yield->s && yield->ptr)
gstring_rebuffer(yield);
else
yield->s = store_get(yield->size = Ustrlen(sub), TRUE);
+ }
/* Check the UTF-8, byte-by-byte */
EXPAND_FAILED:
if (left) *left = s;
DEBUG(D_expand)
+ {
DEBUG(D_noutf8)
{
debug_printf_indent("|failed to expand: %s\n", string);
if (f.expand_string_forcedfail)
debug_printf_indent(UTF8_UP_RIGHT "failure was forced\n");
}
+ }
if (resetok_p && !resetok) *resetok_p = FALSE;
expand_level--;
return NULL;
/******************************************************************************/
/* Taint-checked file opens */
static inline uschar *
-is_tainted2(const void *p, int lflags, const uschar* fmt, ...)
+is_tainted2(const void *p, int lflags, const char* fmt, ...)
{
va_list ap;
uschar *msg;
}
{ uschar *m;
- if (m = is_tainted2(server, 0, "Tainted %s server '%s'", name, server))
+ if ((m = is_tainted2(server, 0, "Tainted %s server '%s'", name, server)))
{
*errmsg = m;
return DEFER;
}
{ uschar *m;
- if (is_tainted2(server, 0, "Tainted %s server '%s'", name, server))
+ if ((m = is_tainted2(server, 0, "Tainted %s server '%s'", name, server)))
{
*errmsg = m;
return DEFER;
return FF_ERROR;
}
- if (*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename))
+ if ((*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename)))
return FF_ERROR;
/* Check file name if required */
/* Reading a file is a form of expansion; we wish to deny attackers the
capability to specify the file name. */
-if (*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename))
+if ((*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename)))
{
*yield = FF_ERROR;
return NULL;
goto ret_panic;
}
{ uschar *m;
-if (m = is_tainted2(path, 0, "Tainted '%s' (file or directory "
- "name for %s transport) not permitted", path, tblock->name))
+if ((m = is_tainted2(path, 0, "Tainted '%s' (file or directory "
+ "name for %s transport) not permitted", path, tblock->name)))
{
addr->message = m;
goto ret_panic;
uschar *m;
time_t then = 0;
- if (m = is_tainted2(oncelog, 0, "Tainted '%s' (once file for %s transport)"
- " not permitted", oncelog, tblock->name))
+ if ((m = is_tainted2(oncelog, 0, "Tainted '%s' (once file for %s transport)"
+ " not permitted", oncelog, tblock->name)))
{
addr->transport_return = DEFER;
addr->basic_errno = EACCES;
{
uschar *m;
int log_fd;
- if (m = is_tainted2(logfile, 0, "Tainted '%s' (logfile for %s transport)"
- " not permitted", logfile, tblock->name))
+ if ((m = is_tainted2(logfile, 0, "Tainted '%s' (logfile for %s transport)"
+ " not permitted", logfile, tblock->name)))
{
addr->transport_return = DEFER;
addr->basic_errno = EACCES;
if (file)
{
uschar *m;
- if (m = is_tainted2(file, 0, "Tainted '%s' (file for %s transport)"
- " not permitted", file, tblock->name))
+ if ((m = is_tainted2(file, 0, "Tainted '%s' (file for %s transport)"
+ " not permitted", file, tblock->name)))
{
addr->transport_return = DEFER;
addr->basic_errno = EACCES;
}
{ uschar *m;
-if (m = is_tainted2(cmd, 0, "Tainted '%s' (command "
- "for %s transport) not permitted", cmd, tblock->name))
+if ((m = is_tainted2(cmd, 0, "Tainted '%s' (command "
+ "for %s transport) not permitted", cmd, tblock->name)))
{
addr->transport_return = PANIC;
addr->message = m;