| side by side (from parent 1:
7d99cba
)
taint-enforce DB filenames
author
Jeremy Harris
<jgh146exb@wizmail.org>
Sat, 11 Jan 2020 21:50:05 +0000
(21:50 +0000)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Sat, 11 Jan 2020 21:50:05 +0000
(21:50 +0000)
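--- a/src/src/dbstuff.h
+++ b/src/src/dbstuff.h
@@ -642,7 +642,13 @@ after reading data. */
 : (flags) == O_RDWR ? "O_RDWR" \
 : (flags) == (O_RDWR|O_CREAT) ? "O_RDWR|O_CREAT" \
 : "??"); \
- EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); \
+ if (is_tainted(name) || is_tainted(dirname)) \
+ { \
+ log_write(0, LOG_MAIN|LOG_PANIC, "Tainted name for DB file not permitted"); \
+ *dbpp = NULL; \
+ } \
+ else \
+ { EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); } \
 DEBUG(D_hints_lookup) debug_printf_indent("returned from EXIM_DBOPEN: %p\n", *dbpp); \
 } while(0)
 # define EXIM_DBCLOSE(db) \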
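Review bot: The new refusal branch sets `*dbpp = NULL` but leaves `errno` untouched, so a caller that reports or branches on `errno` after a NULL handle would see a stale value from some earlier call; no caller is visible here, so this is presumably the usual pattern for the open wrappers and should be confirmed. Setting it explicitly, for example `errno = EACCES; \` right after `*dbpp = NULL; \`, would make a taint rejection distinguishable from a missing or unreadable file. The panic-log text also does not say which name or directory was rejected; including it as a `%s` argument (never as part of the format string) would make the log entry usable for triage. The EXIM_DBOPEN macro begins above this hunk, so only its tail is reviewed here.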