Docs: more info on taint

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 5915a3af339abffa198de442c491851bc4ed3591..ccfa4424af467d75b478db3fc4a67a06218c45d5 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -9453,10 +9453,22 @@ the data type.  ACL rules always expand strings.  A couple of expansion
 conditions do not expand some of the brace-delimited branches, for security
 reasons,
 .cindex "tainted data" expansion
+.cindex "tainted data" definition
 .cindex expansion "tainted data"
 and expansion of data deriving from the sender (&"tainted data"&)
 is not permitted.
 
+.new
+Common ways of obtaining untainted equivalents of variables with
+tainted values
+.cindex "tainted data" "de-tainting"
+come down to using the tainted value as a lookup key in a trusted database.
+This database could be the filestem structure,
+or the password file,
+or accessed via a DBMS.
+Specific methods are indexed under &"de-tainting"&.
+.wen
+
 
 
 .section "Literal text in expanded strings" "SECTlittext"

diff --git a/src/src/verify.c b/src/src/verify.c
index 3a40cea268d5d5a6f511af29ffe5d830263ac8a8..82a7726de291a61e2d574fe7449f3b7f315c71c8 100644 (file)
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -4077,7 +4077,7 @@ const uschar * where = US"socketpair";
 
 if (cached_quota_lookup(rcpt, &yield, pos_cache, neg_cache))
   {
-  HDEBUG(D_verify) debug_printf_indent("quota cache: address record is %d\n",
+  HDEBUG(D_verify) debug_printf_indent("quota cache: address record is %s\n",
     yield == OK ? "positive" : "negative");
   if (yield != OK)
     {