X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/1d717e1c110562fd6bf28478c79f180cafeba776..a63442492d25b3ab12d0bce2a8b879e32855aa72:/src/src/dbstuff.h

diff --git a/src/src/dbstuff.h b/src/src/dbstuff.h
index bf5fa3f6e..c1fb54346 100644
--- a/src/src/dbstuff.h
+++ b/src/src/dbstuff.h
@@ -3,6 +3,7 @@
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* This header file contains macro definitions so that a variety of DBM
@@ -642,7 +643,13 @@ after reading data. */
       : (flags) == O_RDWR ? "O_RDWR"	\
       : (flags) == (O_RDWR|O_CREAT) ? "O_RDWR|O_CREAT"	\
       : "??");	\
-  EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); \
+  if (is_tainted(name) || is_tainted(dirname)) \
+    { \
+    log_write(0, LOG_MAIN|LOG_PANIC, "Tainted name for DB file not permitted"); \
+    *dbpp = NULL; \
+    } \
+  else \
+    { EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); } \
   DEBUG(D_hints_lookup) debug_printf_indent("returned from EXIM_DBOPEN: %p\n", *dbpp); \
   } while(0)
 #  define EXIM_DBCLOSE(db) \