Re: [Exim] Bug? domain literals on command-line

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Jochen Erwied
CC: Jochen Erwied, exim-users
Subject: Re: [Exim] Bug? domain literals on command-line
On Thu, 18 Apr 2002, I wrote:

> I suppose I could always allow domain literals for -f, since it is a
> trusted option and the caller could be supposed to know what they are
> doing. That would be the easiest option.


I had a few minutes to spare at the end of this afternoon. It proved
very easy to fix this bug. There's a patch for 4.04 below (it will also
work for 4.03).

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.



*** exim-4.04/src/exim.c    Thu Apr 18 09:08:31 2002
--- exim.c    Fri Apr 19 16:17:45 2002
***************
*** 1300,1306 ****
      The data can follow the -f or be in the next argument. The -r switch is an
      obsolete form of -f but since there appear to be programs out there that
      use anything that sendmail has ever supported, better accept it - the
!     synonymizing is done before the switch above. */


      case 'f':
        {
--- 1300,1309 ----
      The data can follow the -f or be in the next argument. The -r switch is an
      obsolete form of -f but since there appear to be programs out there that
      use anything that sendmail has ever supported, better accept it - the
!     synonymizing is done before the switch above.
!
!     At this stage, we must allow domain literal addresses, because we don't
!     know what the setting of allow_domain_literals is yet. */


      case 'f':
        {
***************
*** 1311,1319 ****
--- 1314,1324 ----
          if (i+1 < argc) argrest = argv[++i]; else
            { badarg = TRUE; break; }
          }
+       allow_domain_literals = TRUE;
        sender_address =
          parse_extract_address(argrest, &errmess, &start, &end,
            &sender_address_domain, TRUE);
+       allow_domain_literals = FALSE;
        if (sender_address == NULL)
          {
          fprintf(stderr, "exim: %s - bad address: %s\n", argrest, errmess);
***************
*** 2203,2208 ****
--- 2208,2225 ----


readconf_main();

+ /* If domain literals are not allowed, check the sender address that was
+ supplied with -f. */
+
+ if (sender_address != NULL && sender_address[sender_address_domain] == '[' &&
+     !allow_domain_literals)
+   {
+   fprintf(stderr, "exim: -f %s - bad address: domain literals not allowed\n",
+     sender_address);
+   return EXIT_FAILURE;
+   }
+
+
  /* Handle the decoding of logging options. */


decode_bits(&log_selector, log_selector_string, log_options, log_options_count,