Re: [exim] Exim 4.93 published.

Góra strony
Delete this message
Reply to this message
Autor: Jeremy Harris
Data:  
Dla: exim-users
Temat: Re: [exim] Exim 4.93 published.
On 11/12/2019 14:31, Lena--- via Exim-users wrote:
> uschar *dir = expand_string(US "$spool_directory/grey");
> size_t dir_len = strlen(dir);
> uschar *filename = US store_get(dir_len+257, FALSE);


If your intended use of the rest of the allocated store is safe, yes.

"Safe" means "no content provided by a potential attacker".
Otherwise use "TRUE" (but you'd be foolish to go on and use
that for a filename).
--
Cheers,
Jeremy