Option for taint when setting variable under -be

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index d030a8411105d09657b1964b00c3fa5a0045d72e..d71d3696f4603a05f96a32c91312345a2f5f3307 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -2886,6 +2886,11 @@ available to admin users.
 
 The word &"set"& at the start of a line, followed by a single space,
 is recognised specially as defining a value for a variable.
 
 The word &"set"& at the start of a line, followed by a single space,
 is recognised specially as defining a value for a variable.

+.new
+.cindex "tainted data" "expansion testing"
+If the sequence &",t"& is inserted before the space,
+the value is marked as tainted.
+.wen

 The syntax is otherwise the same as the ACL modifier &"set ="&.
 
 .cmdopt -bem <&'filename'&>
 The syntax is otherwise the same as the ACL modifier &"set ="&.
 
 .cmdopt -bem <&'filename'&>

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 2439b313704875c9150bb3818257ab8c21a7d0b4..58ab945beb113ca70a54e5a1f9a29489cd6acd6f 100644 (file)
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -18,6 +18,8 @@ Version 4.98
 
  4. The recipients_max main option is now expanded.
 
 
  4. The recipients_max main option is now expanded.
 

+ 5. Setting variables for "exim -be" can set a tainted value.
+

 Version 4.97
 ------------
 
 Version 4.97
 ------------
 

diff --git a/src/src/acl.c b/src/src/acl.c
index f4d65464e44047b5d1b4bd07c1975411a7236fee..29441dfc10224788569c5da09d05733d2cd5a61c 100644 (file)
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -800,7 +800,7 @@ return TRUE;
 
 static BOOL
 acl_data_to_cond(const uschar * s, acl_condition_block * cond,
 
 static BOOL
 acl_data_to_cond(const uschar * s, acl_condition_block * cond,

-  const uschar * name, uschar ** error)
+  const uschar * name, BOOL taint, uschar ** error)

 {
 if (*s++ != '=')
   {
 {
 if (*s++ != '=')
   {


@@ -809,7 +809,7 @@ if (*s++ != '=')
   return FALSE;;
   }
 Uskip_whitespace(&s);
   return FALSE;;
   }
 Uskip_whitespace(&s);

-cond->arg = string_copy(s);
+cond->arg = taint ? string_copy_taint(s, GET_TAINTED) : string_copy(s);

 return TRUE;
 }
 
 return TRUE;
 }
 


@@ -959,7 +959,7 @@ while ((s = (*func)()))
   "endpass" has no data */
 
   if (c != ACLC_ENDPASS)
   "endpass" has no data */
 
   if (c != ACLC_ENDPASS)

-    if (!acl_data_to_cond(s, cond, name, error)) return NULL;
+    if (!acl_data_to_cond(s, cond, name, FALSE, error)) return NULL;

   }
 
 return yield;
   }
 
 return yield;


@@ -4941,7 +4941,7 @@ fprintf(f, "acl%c %s %d\n%s\n", name[0], name+1, Ustrlen(value), value);
 
 
 uschar *
 
 
 uschar *

-acl_standalone_setvar(const uschar * s)
+acl_standalone_setvar(const uschar * s, BOOL taint)

 {
 acl_condition_block * cond = store_get(sizeof(acl_condition_block), GET_UNTAINTED);
 uschar * errstr = NULL, * log_msg = NULL;
 {
 acl_condition_block * cond = store_get(sizeof(acl_condition_block), GET_UNTAINTED);
 uschar * errstr = NULL, * log_msg = NULL;


@@ -4951,7 +4951,7 @@ int e;
 cond->next = NULL;
 cond->type = ACLC_SET;
 if (!acl_varname_to_cond(&s, cond, &errstr)) return errstr;
 cond->next = NULL;
 cond->type = ACLC_SET;
 if (!acl_varname_to_cond(&s, cond, &errstr)) return errstr;

-if (!acl_data_to_cond(s, cond, US"'-be'", &errstr)) return errstr;
+if (!acl_data_to_cond(s, cond, US"'-be'", taint, &errstr)) return errstr;

 
 if (acl_check_condition(ACL_WARN, cond, ACL_WHERE_UNKNOWN,
                            NULL, 0, &endpass_seen, &errstr, &log_msg, &e) != OK)
 
 if (acl_check_condition(ACL_WARN, cond, ACL_WHERE_UNKNOWN,
                            NULL, 0, &endpass_seen, &errstr, &log_msg, &e) != OK)

diff --git a/src/src/exim.c b/src/src/exim.c
index c591ee60cc2e00acb7e672b65a83c27f377da0ed..3170bef98cbd5fbed6f6771496f4a6311eecd6e1 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -1704,8 +1704,10 @@ if (isupper(big_buffer[0]))
   if (macro_read_assignment(big_buffer))
     printf("Defined macro '%s'\n", mlast->name);
   }
   if (macro_read_assignment(big_buffer))
     printf("Defined macro '%s'\n", mlast->name);
   }

+else if (Ustrncmp(big_buffer, "set,t ", 6) == 0)
+  printf("%s\n", acl_standalone_setvar(big_buffer+6, TRUE));

 else if (Ustrncmp(big_buffer, "set ", 4) == 0)
 else if (Ustrncmp(big_buffer, "set ", 4) == 0)

-  printf("%s\n", acl_standalone_setvar(big_buffer+4));
+  printf("%s\n", acl_standalone_setvar(big_buffer+4, FALSE));

 else
   if ((s = expand_string(big_buffer))) printf("%s\n", CS s);
   else printf("Failed: %s\n", expand_string_message);
 else
   if ((s = expand_string(big_buffer))) printf("%s\n", CS s);
   else printf("Failed: %s\n", expand_string_message);

diff --git a/src/src/functions.h b/src/src/functions.h
index 77323a5c12f5e88ab9870175d81f40d39e480f47..0e657d7c4d784672616ce2f5cc692042172ef239 100644 (file)
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -103,7 +103,7 @@ extern acl_block *acl_read(uschar *(*)(void), uschar **);
 extern int     acl_check(int, const uschar *, uschar *, uschar **, uschar **);
 extern uschar *acl_current_verb(void);
 extern int     acl_eval(int, uschar *, uschar **, uschar **);
 extern int     acl_check(int, const uschar *, uschar *, uschar **, uschar **);
 extern uschar *acl_current_verb(void);
 extern int     acl_eval(int, uschar *, uschar **, uschar **);

-extern uschar *acl_standalone_setvar(const uschar *);
+extern uschar *acl_standalone_setvar(const uschar *, BOOL);

 
 extern tree_node *acl_var_create(uschar *);
 extern void    acl_var_write(uschar *, uschar *, void *);
 
 extern tree_node *acl_var_create(uschar *);
 extern void    acl_var_write(uschar *, uschar *, void *);