On Tue, Oct 15, 2013 at 11:31 AM, Mike Cardwell
<exim-dev@???> wrote:
> Think I've found a bug in the experimental PRDR support in 4.82 RC3.
> I grabbed the Debian 4.82 RC3 package, enabled a few experimental
> features and then did a dpkg-buildpackage. Here's where it bombed out
> when PRDR was enabled:
>
> ========================================================================
> receive.c: In function ‘receive_msg’:
> receive.c:3315:2: error: format not a string literal and no format arguments [-Werror=format-security]
> else log_write(0, LOG_MAIN, CS msg);
> ========================================================================
Good catch. Adding -Werror=format-security to my build flags
triggered it to. Going to add that from now on.
The format string is:
uschar * msg= US"PRDR R=<%s> %s"
This is done in the loop that processes all of the recipients:
if (user_msg != NULL)
smtp_user_msg(code, user_msg);
else
{
switch (rc)
{
case OK: case DISCARD:
msg = string_sprintf(CS msg, addr, "acceptance"); break;
case DEFER:
msg = string_sprintf(CS msg, addr, "temporary refusal"); break;
default:
msg = string_sprintf(CS msg, addr, "refusal"); break;
}
smtp_user_msg(code, msg);
}
So if user_msg is null, then it does the else and converts msg to a
string using the pre-defined formats.
if (log_msg) log_write(0, LOG_MAIN, "PRDR %s %s", addr, log_msg);
else if (user_msg) log_write(0, LOG_MAIN, "PRDR %s %s", addr, user_msg);
else log_write(0, LOG_MAIN, CS msg);
Changing the last line thusly seems to handle it:
- else log_write(0, LOG_MAIN, CS msg);
+ else log_write(0, LOG_MAIN, "%s", CS msg);
If this looks correct to you, let me know and I'll commit it.
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine
