Track tainted data and refuse to expand it

[users/heiko/exim.git] / src / src / dkim.c

diff --git a/src/src/dkim.c b/src/src/dkim.c
index 96d7eba81468ce89b3fee2c2413ff4c780cb5fb4..a410ed55bbcbfe2734b12493c784bc0c67429f8f 100644 (file)
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -43,8 +43,12 @@ static const uschar * dkim_collect_error = NULL;
 uschar *
 dkim_exim_query_dns_txt(uschar * name)
 {
+/*XXX need to always alloc the dnsa, from tainted mem.
+Then, we hope, the answers will be tainted */
+
 dns_answer dnsa;
 dns_scan dnss;
+rmark reset_point = store_mark();
 gstring * g = NULL;
 
 lookup_dnssec_authenticated = NULL;
@@ -76,7 +80,7 @@ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
     /* check if this looks like a DKIM record */
     if (Ustrncmp(g->s, "v=", 2) != 0 || strncasecmp(CS g->s, "v=dkim", 6) == 0)
       {
-      gstring_reset_unused(g);
+      gstring_release_unused(g);
       return string_from_gstring(g);
       }
 
@@ -84,7 +88,7 @@ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
     }
 
 bad:
-if (g) store_reset(g);
+store_reset(reset_point);
 return NULL;   /*XXX better error detail?  logging? */
 }