From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sat, 3 Feb 2018 23:13:53 +0000 (+0000)
Subject: Debug: more info for string-expansion troubles
X-Git-Tag: exim-4_91_RC1~76
X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/d584cdcac04235b9323a34c049a1c5dc2cd2a309

Debug: more info for string-expansion troubles
---

diff --git a/src/src/expand.c b/src/src/expand.c
index f6fef84ef..d469ca7ba 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -2498,9 +2498,12 @@ switch(cond_type)
         "after \"%s\"", name);
       return NULL;
       }
-    sub[i] = expand_string_internal(s+1, TRUE, &s, yield == NULL,
-        honour_dollar, resetok);
-    if (sub[i] == NULL) return NULL;
+    if (!(sub[i] = expand_string_internal(s+1, TRUE, &s, yield == NULL,
+        honour_dollar, resetok)))
+      return NULL;
+    DEBUG(D_expand) if (i == 1 && !sub2_honour_dollar && Ustrchr(sub[1], '$'))
+      debug_printf_indent("WARNING: the second arg is NOT expanded,"
+			" for security reasons\n");
     if (*s++ != '}') goto COND_FAILED_CURLY_END;
 
     /* Convert to numerical if required; we know that the names of all the
@@ -5790,7 +5793,8 @@ while (*s != 0)
       if (*s++ != '}')
         {						/*{*/
         expand_string_message = string_sprintf("missing } at end of condition "
-          "or expression inside \"%s\"", name);
+          "or expression inside \"%s\"; could be an unquoted } in the content",
+	  name);
         goto EXPAND_FAILED;
         }