Re: [exim] Sieve filters broken due to tainted expansions?

Top Page
Delete this message
Reply to this message
Author: Michael Haardt
Date:  
To: Tobias Klausmann via Exim-users
Subject: Re: [exim] Sieve filters broken due to tainted expansions?
> # exim -bt klausman-gentoo@???
> LOG: MAIN PANIC
> attempt to expand tainted string '$rheader_From'
> LOG: MAIN PANIC
> attempt to expand tainted string '${if def:header_From {true}{false}}'
> Sieve error: header string expansion failed in line 3


This is quite likely an internal expansion from sieve.c:2327. I did
not really follow the list recently, so I missed the introduction of
"tainted" expansions, but the code does this:

      expand_header(&header_value,h);
      header_def=expand_string(string_sprintf("${if def:header_%s {true}{false}}",quote(h)));
      if (header_value.character == NULL || header_def == NULL)


That's to expand and check if a header is defined in order to
compare it with a value. Perhaps there is a better way to do
that or a different API should be used now?

Michael