git://git.exim.org
/
users
/
jgh
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
6d5f5ca
)
De-taint library-return string for inet_ntoa() etc
author
Jeremy Harris
<jgh146exb@wizmail.org>
Thu, 25 Jul 2019 18:41:57 +0000
(19:41 +0100)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Thu, 25 Jul 2019 18:41:57 +0000
(19:41 +0100)
src/src/host.c
patch
|
blob
|
history
diff --git
a/src/src/host.c
b/src/src/host.c
index a00d048f675b6d3a8e62a0ea4104d110df668b86..30d54b481620c5e76ebc401ee8cc19a1ee0c09e5 100644
(file)
--- a/
src/src/host.c
+++ b/
src/src/host.c
@@
-945,13
+945,15
@@
else
/* If there is no buffer, put the string into some new store. */
/* If there is no buffer, put the string into some new store. */
-if (
buffer == NULL) return string_copy(yield
);
+if (
!buffer) buffer = store_get(46, FALSE
);
/* Callers of this function with a non-NULL buffer must ensure that it is
large enough to hold an IPv6 address, namely, at least 46 bytes. That's what
/* Callers of this function with a non-NULL buffer must ensure that it is
large enough to hold an IPv6 address, namely, at least 46 bytes. That's what
-makes this use of strcpy() OK. */
+makes this use of strcpy() OK.
+If the library returned apparently an apparently tainted string, clean it;
+we trust IP addresses. */
-
Ustrcpy(buffer
, yield);
+
string_format_nt(buffer, 46, "%s"
, yield);
return buffer;
}
return buffer;
}