Re: [exim] Another strange log about tainting

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ian Zimmerman
Date:  
À: exim-users
Sujet: Re: [exim] Another strange log about tainting
On 2019-12-11 09:55, Jeremy Harris wrote:

> So: what sort of memory were you expanding, and what string was in it
> (just "${exim_version}" ? That plus something else (what)? )?


It was just like this:

const uschar* exim_version = expand_string(US "${exim_version}");
if (Ustrcmp(exim_version, EXIM_VERSION_STR)) {

[...]

It was meant as a crude protection against using a module with a
different exim than the one it was compiled for.

--
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.