Author: Phil Pennock Date: To: Mike Cardwell CC: exim-dev Subject: Re: [exim-dev] null char in string expansions
On 2009-11-05 at 18:57 +0000, Mike Cardwell wrote: > Hi,
>
> I was trying to generate unique IDs by taking a bunch of variables,
> joining them together and creating an MD5 of the result. I used the null
> character to separate the items before generating the MD5 which lead to
> me accidently coming across this problem:
>
> root@haven:~# exim4 -be '${md5:foo}'
> acbd18db4cc2f85cedef654fccc4a4d8
> root@haven:~# exim4 -be '${md5:foo\0bar}'
> acbd18db4cc2f85cedef654fccc4a4d8
> root@haven:~#
>
> I'm assuming that's a bug? It doesn't just affect ${md5} ...
>
> root@haven:~# exim4 -be '${substr_0_6:foo\0bar}'
> foo
> root@haven:~#
>
> Should I bugzilla it?
Exim's string handling language is not NUL-safe and it's a design choice
-- C strings are used everywhere. PH explained this to me when I wanted
to use a NUL separator between fields stored as values in CDB files,
IIRC.
You can file a bug, sure, but the amount of work involved in changing
this would be considerable. Exim handles NULs in emails just fine, but
not in any of the current string handling code.