* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2012 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
#ifndef MYTYPES_H
#define MYTYPES_H
+# include <string.h>
+
#ifndef FALSE
-#define FALSE 0
+# define FALSE 0
#endif
#ifndef TRUE
-#define TRUE 1
+# define TRUE 1
#endif
#ifndef TRUE_UNSET
-#define TRUE_UNSET 2
+# define TRUE_UNSET 2
#endif
the arguments of printf-like functions. This is done by a macro. */
#if defined(__GNUC__) || defined(__clang__)
-#define PRINTF_FUNCTION(A,B) __attribute__((format(printf,A,B)))
-#define ARG_UNUSED __attribute__((__unused__))
+# define PRINTF_FUNCTION(A,B) __attribute__((format(printf,A,B)))
+# define ARG_UNUSED __attribute__((__unused__))
+# define WARN_UNUSED_RESULT __attribute__((__warn_unused_result__))
+# define ALLOC __attribute__((malloc))
+# define ALLOC_SIZE(A) __attribute__((alloc_size(A)))
+# define NORETURN __attribute__((noreturn))
#else
-#define PRINTF_FUNCTION(A,B)
-#define ARG_UNUSED /**/
+# define PRINTF_FUNCTION(A,B)
+# define ARG_UNUSED /**/
+# define WARN_UNUSED_RESULT /**/
+# define ALLOC /**/
+# define ALLOC_SIZE(A) /**/
+# define NORETURN /**/
#endif
#ifdef WANT_DEEPER_PRINTF_CHECKS
-#define ALMOST_PRINTF(A, B) PRINTF_FUNCTION(A, B)
+# define ALMOST_PRINTF(A, B) PRINTF_FUNCTION(A, B)
#else
-#define ALMOST_PRINTF(A, B)
+# define ALMOST_PRINTF(A, B)
#endif
sys/types.h. This is just a typing convenience, of course. */
typedef unsigned char uschar;
-typedef int BOOL;
+typedef unsigned BOOL;
/* We also have SIGNAL_BOOL, which requires signal.h be included, so is defined
elsewhere */
#define US (unsigned char *)
#define CUS (const unsigned char *)
#define USS (unsigned char **)
+#define CUSS (const unsigned char **)
/* The C library string functions expect "char *" arguments. Use macros to
avoid having to write a cast each time. We do this for string and file
#define Uatol(s) atol(CCS(s))
#define Uchdir(s) chdir(CCS(s))
#define Uchmod(s,n) chmod(CCS(s),n)
-#define Uchown(s,n,m) chown(CCS(s),n,m)
#define Ufgets(b,n,f) fgets(CS(b),n,f)
#define Ufopen(s,t) fopen(CCS(s),CCS(t))
#define Ulink(s,t) link(CCS(s),CCS(t))
#define Uread(f,b,l) read(f,CS(b),l)
#define Urename(s,t) rename(CCS(s),CCS(t))
#define Ustat(s,t) stat(CCS(s),t)
-#define Ustrcat(s,t) strcat(CS(s),CCS(t))
+#define Ustrcat(s,t) __Ustrcat(s, CUS(t), __FUNCTION__, __LINE__)
#define Ustrchr(s,n) US strchr(CCS(s),n)
#define CUstrchr(s,n) CUS strchr(CCS(s),n)
#define CUstrerror(n) CUS strerror(n)
#define Ustrcmp(s,t) strcmp(CCS(s),CCS(t))
-#define Ustrcpy(s,t) strcpy(CS(s),CCS(t))
+#define Ustrcpy(s,t) __Ustrcpy(s, CUS(t), __FUNCTION__, __LINE__)
+#define Ustrcpy_nt(s,t) strcpy(CS s, CCS t) /* no taint check */
#define Ustrcspn(s,t) strcspn(CCS(s),CCS(t))
#define Ustrftime(s,m,f,t) strftime(CS(s),m,f,t)
#define Ustrlen(s) (int)strlen(CCS(s))
-#define Ustrncat(s,t,n) strncat(CS(s),CCS(t),n)
+#define Ustrncat(s,t,n) __Ustrncat(s, CUS(t),n, __FUNCTION__, __LINE__)
#define Ustrncmp(s,t,n) strncmp(CCS(s),CCS(t),n)
-#define Ustrncpy(s,t,n) strncpy(CS(s),CCS(t),n)
+#define Ustrncpy(s,t,n) __Ustrncpy(s, CUS(t),n, __FUNCTION__, __LINE__)
+#define Ustrncpy_nt(s,t,n) strncpy(CS s, CCS t, n) /* no taint check */
#define Ustrpbrk(s,t) strpbrk(CCS(s),CCS(t))
#define Ustrrchr(s,n) US strrchr(CCS(s),n)
#define CUstrrchr(s,n) CUS strrchr(CCS(s),n)
#define Ustrtol(s,t,b) strtol(CCS(s),CSS(t),b)
#define Ustrtoul(s,t,b) strtoul(CCS(s),CSS(t),b)
#define Uunlink(s) unlink(CCS(s))
+
+extern void die_tainted(const uschar *, const uschar *, int);
+
+/* Predicate: if an address is in a tainted pool.
+By extension, a variable pointing to this address is tainted.
+*/
+
+static inline BOOL
+is_tainted(const void * p)
+{
+#if defined(COMPILE_UTILITY) || defined(MACRO_PREDEF)
+return FALSE;
+
+#elif defined(TAINT_CHECK_SLOW)
+extern BOOL is_tainted_fn(const void *);
+return is_tainted_fn(p);
+
+#else
+extern void * tainted_base, * tainted_top;
+return p >= tainted_base && p < tainted_top;
#endif
+}
+static inline uschar * __Ustrcat(uschar * dst, const uschar * src, const char * func, int line)
+{
+#if !defined(COMPILE_UTILITY) && !defined(MACRO_PREDEF)
+if (!is_tainted(dst) && is_tainted(src)) die_tainted(US"Ustrcat", CUS func, line);
+#endif
+return US strcat(CS dst, CCS src);
+}
+static inline uschar * __Ustrcpy(uschar * dst, const uschar * src, const char * func, int line)
+{
+#if !defined(COMPILE_UTILITY) && !defined(MACRO_PREDEF)
+if (!is_tainted(dst) && is_tainted(src)) die_tainted(US"Ustrcpy", CUS func, line);
+#endif
+return US strcpy(CS dst, CCS src);
+}
+static inline uschar * __Ustrncat(uschar * dst, const uschar * src, size_t n, const char * func, int line)
+{
+#if !defined(COMPILE_UTILITY) && !defined(MACRO_PREDEF)
+if (!is_tainted(dst) && is_tainted(src)) die_tainted(US"Ustrncat", CUS func, line);
+#endif
+return US strncat(CS dst, CCS src, n);
+}
+static inline uschar * __Ustrncpy(uschar * dst, const uschar * src, size_t n, const char * func, int line)
+{
+#if !defined(COMPILE_UTILITY) && !defined(MACRO_PREDEF)
+if (!is_tainted(dst) && is_tainted(src)) die_tainted(US"Ustrncpy", CUS func, line);
+#endif
+return US strncpy(CS dst, CCS src, n);
+}
+/*XXX will likely need unchecked copy also */
+
+#endif
/* End of mytypes.h */