Re: [Exim] New snapshot of candidate for 4.40

Top Page
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Philip Hazel
CC: Exim-Users (E-mail)
Subject: Re: [Exim] New snapshot of candidate for 4.40
Philip Hazel wrote:
> I've just put a new snapshot (4.390) in
>
> ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot.tar.gz
> ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/Testing/exim-snapshot.tar.gz.sig
>
> This is the code that I'm planning to release as 4.40, probably
> immediately after the Exim course in Cambridge (the doc still needs some
> work - you only have ChangeLog and NewStuff in the snapshot). There's
> quite a lot of new code in it, so if people can test and find any
> problems, I'd be grateful.


There is a general problem with all lookup modules that return key/value
pairs.

They all do a check like this when fetching a row with multiple columns:

if(buffer[0] == 0 || Ustrchr(buffer, ' ' != NULL)
{
/* Do quoting */
}
else
{
/* Just copy the field as is */
}

The problem is, that this interacts badly with ${extract, in fact I'm
wondering that nobody was catched by this yet.

Possible problems:
1.) the string could contain a tab (\t) or any other kind of whitespace
     as long as there is no blank (' '), exim wouldn't quote the string.
     But ${extract splits on any kind of whitespaces.
2.) The string could start with an quotation mark, it wouldn't be
     quoted, but ${expand will search for a closing quotation mark and
     return another value it should do.


Example:
mysql> insert into test values('asd\tsdf', '"sdfsdfsdfsdf');

> ${lookup mysql{select * from test}}

a=asd        sdf b="sdfsdfsdfsdf


> ${extract {a}{${lookup mysql{select * from test}}}}

asd

The lookups should check more carefully for strings that need quoting.
Also, the quoting functionality should be moved into a seperated
function, as it looks the same on all lookups.

Nico

P.S: Maybe I'll look into that tomorrow, but I'm currently short on time.