[exim] Tainting & rewrite rules

Author: Evgeniy Berdnikov
Date:
To: exim-users
Subject: [exim] Tainting & rewrite rules
Hello.

I have a rewrite rule for one client:

*@XXX.msk.ru        ${lookup{$0}wildlsearch{/path/to/maps/XXX.msk.ru.map}{$value}{${sg{$local_part}{_}{.}}@???}} Fcbtrf


After upgrading to 4.93 I found that mails from XXX.msk.ru are rejected
with "421 Unexpected failure", and panic.log contains records like

2020-01-13 14:55:25.279 [115431] 1iqyJZ-000U1n-8z Taint mismatch, Ustrncpy: rewrite_one_header 611

2020-01-13 14:58:45.412 [116160] 1iqyMn-000UDY-DI Taint mismatch, Ustrncpy: rewrite_one_header 611

2020-01-13 15:21:26.775 [118739] 1iqyik-000Ut9-Oz Taint mismatch, Ustrncpy: rewrite_one_header 611

It's clear that the reason is the presence of $local_part on the right side.
However, there are no file operations on the right side, so I'd expect
this operation is safe and should be permitted in this context.
Is it correct or not?

If it's not a bug, how can arbitrary address substitutions be done
in similar cases? Should we use some external script?
--
Eugene Berdnikov