[exim-cvs] Fix taint-checking on OpenBSD

Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Fix taint-checking on OpenBSD
Gitweb: https://git.exim.org/exim.git/commitdiff/14ca5d2ac6c3536fe189435269a302ef14e972cf
Commit:     14ca5d2ac6c3536fe189435269a302ef14e972cf
Parent:     e2ae28ed72ed4253536367f8aad58782c7d8be18
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Mon Jul 29 15:48:05 2019 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon Jul 29 15:48:05 2019 +0100


    Fix taint-checking on OpenBSD
---
 src/OS/Makefile-OpenBSD   |  1 +
 src/src/functions.h       |  1 +
 src/src/mytypes.h         |  4 ++++
 src/src/readconf.c        | 22 +++++++++++-----------
 src/src/store.c           | 29 +++++++++++++++++++++++++++++
 src/src/transports/smtp.c |  4 ++++
 src/src/verify.c          |  2 +-
 7 files changed, 51 insertions(+), 12 deletions(-)


diff --git a/src/OS/Makefile-OpenBSD b/src/OS/Makefile-OpenBSD
index 5a89478..2b37a73 100644
--- a/src/OS/Makefile-OpenBSD
+++ b/src/OS/Makefile-OpenBSD
@@ -5,6 +5,7 @@ CHGRP_COMMAND=/usr/sbin/chgrp
CHMOD_COMMAND=/bin/chmod

CFLAGS=-O2 -Wall -Wno-parentheses -Wno-self-assign -Wno-logical-op-parentheses
+CFLAGS += -DTAINT_CHECK_SLOW

LIBS=-lm

diff --git a/src/src/functions.h b/src/src/functions.h
index 0602789..6347b23 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -285,6 +285,7 @@ extern int     ip_unixsocket(const uschar *, uschar **);
 extern int     ip_streamsocket(const uschar *, uschar **, int);


 extern int     ipv6_nmtoa(int *, uschar *);
+extern BOOL    is_tainted_fn(const void *);


 extern uschar *local_part_quote(uschar *);
 extern int     log_create(uschar *);
diff --git a/src/src/mytypes.h b/src/src/mytypes.h
index a68dc28..f755133 100644
--- a/src/src/mytypes.h
+++ b/src/src/mytypes.h
@@ -136,6 +136,10 @@ is_tainted(const void * p)
 {
 #if defined(COMPILE_UTILITY) || defined(MACRO_PREDEF)
 return FALSE;
+
+#elif defined(TAINT_CHECK_SLOW)
+return is_tainted_fn(p);
+
 #else
 extern void * tainted_base, * tainted_top;
 return p >= tainted_base && p < tainted_top;
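Review bot: The new `TAINT_CHECK_SLOW` branch calls `is_tainted_fn(p)` with no declaration visible in this hunk, whereas the `#else` branch declares the externs it needs locally. This commit adds the prototype to functions.h, so if mytypes.h is processed before functions.h (the include order is not visible here) the call is an implicit declaration inside an inline function. Adding `extern BOOL is_tainted_fn(const void *);` as the first line of the branch would make the header self-contained. The body of is_tainted starts and ends outside the hunk.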
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 6ed2ea4..d13d051 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -3326,19 +3326,19 @@ if (f.trusted_config && Ustrcmp(filename, US"/dev/null"))


     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
       "wrong owner, group, or mode", big_buffer);
-  }


-/* Do a dummy store-allocation of a size related to the (toplevel) file size.
-This assumes we will need this much storage to handle all the allocations
-during startup; it won't help when .include is being used. When it does, it
-will cut down on the number of store blocks (and malloc calls, and sbrk
-syscalls). It also assume we're on the relevant pool. */
+ /* Do a dummy store-allocation of a size related to the (toplevel) file size.
+ This assumes we will need this much storage to handle all the allocations
+ during startup; it won't help when .include is being used. When it does, it
+ will cut down on the number of store blocks (and malloc calls, and sbrk
+ syscalls). It also assume we're on the relevant pool. */

-if (statbuf.st_size > 8192)
-  {
-  rmark r = store_mark();
-  void * dummy = store_get((int)statbuf.st_size, FALSE);
-  store_reset(r);
+  if (statbuf.st_size > 8192)
+    {
+    rmark r = store_mark();
+    void * dummy = store_get((int)statbuf.st_size, FALSE);
+    store_reset(r);
+    }
   }


/* Process the main configuration settings. They all begin with a lower case
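Review bot: In the relocated pre-allocation block, `void * dummy` is assigned but never read in the visible lines, so a `-Wall` build (as in the OpenBSD CFLAGS) will probably warn about an unused variable. Writing `(void) store_get((int)statbuf.st_size, FALSE);` states the intent and drops the local. The `(int)` cast also narrows `st_size` with only a lower bound checked. An upper clamp before the cast would keep an oversized file from producing a negative or wrapped request size. The enclosing `if` block opens outside the hunk.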
diff --git a/src/src/store.c b/src/src/store.c
index b7cf4cd..045f27f 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -159,6 +159,35 @@ static void internal_store_free(void *, const char *, int linenumber);

/******************************************************************************/

+/* Slower version check, for use when platform intermixes malloc and mmap area
+addresses. */
+
+BOOL
+is_tainted_fn(const void * p)
+{
+storeblock * b;
+int pool;
+
+for (pool = 0; pool < nelem(chainbase); pool++)
+  if ((b = current_block[pool]))
+    {
+    char * bc = CS b + ALIGNED_SIZEOF_STOREBLOCK;
+    if (CS p >= bc && CS p <= bc + b->length) goto hit;
+    }
+
+for (pool = 0; pool < nelem(chainbase); pool++)
+  for (b = chainbase[pool]; b; b = b->next)
+    {
+    char * bc = CS b + ALIGNED_SIZEOF_STOREBLOCK;
+    if (CS p >= bc && CS p <= bc + b->length) goto hit;
+    }
+return FALSE;
+
+hit:
+return pool >= POOL_TAINT_BASE;
+}
+
+
 void
 die_tainted(const uschar * msg, const uschar * func, int line)
 {
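Review bot: Both loops in is_tainted_fn test the range with an inclusive upper bound, `CS p <= bc + b->length`, whereas the fast path in mytypes.h uses the exclusive `p < tainted_top`. A pointer exactly one past a block's data area is therefore attributed to that block, and the function returns at the first matching block, so an address that belongs to a neighbouring allocation could get the wrong pool's taint status. Unless one-past-the-end pointers are meant to match, use `if (CS p >= bc && CS p < bc + b->length) goto hit;` in both loops. If the inclusive bound is deliberate, a comment should say why. It would also help to document that an address found in no block is reported as untainted, since that is the default every caller relies on.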
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index 617a55a..03243f3 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -8,6 +8,10 @@
 #include "../exim.h"
 #include "smtp.h"


+#if defined(SUPPORT_DANE) && defined(DISABLE_TLS)
+# error TLS is required for DANE
+#endif
+

 /* Options specific to the smtp transport. This transport also supports LMTP
 over TCP/IP. The options must be in alphabetic order (note that "_" comes
diff --git a/src/src/verify.c b/src/src/verify.c
index a127606..4422b4a 100644
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -2349,7 +2349,7 @@ for (header_line * h = header_list; h; h = h->next)
     if ((*s < 33) || (*s > 126))
       {
       *msgptr = string_sprintf("Invalid character in header \"%.*s\" found",
-                 colon - h->text, h->text);
+                 (int)(colon - h->text), h->text);
       return FAIL;
       }
   }