[exim-cvs] Taint: fix hybrid-mode transition

著者: Exim Git Commits Mailing List
日付:  
To: exim-cvs
題目: [exim-cvs] Taint: fix hybrid-mode transition
Gitweb: https://git.exim.org/exim.git/commitdiff/6440616152c46002c71a3a6413adeeb0fe435db0
Commit:     6440616152c46002c71a3a6413adeeb0fe435db0
Parent:     aefbeb18345c135636594d892fd5bb3e7a1c5edd
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sun Jan 26 20:28:36 2020 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Tue Jan 28 12:34:43 2020 +0000


    Taint: fix hybrid-mode transition
---
 src/src/store.c | 16 +++++++++++-----
 test/confs/0599 |  1 +
 test/runtest    |  3 +++
 3 files changed, 15 insertions(+), 5 deletions(-)


diff --git a/src/src/store.c b/src/src/store.c
index 1fe97e6..3192b97 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -225,14 +225,20 @@ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Taint mismatch, %s: %s %d\n",
}

 static void
-use_slow_taint_check(void)
+use_slow_taint_check(const uschar * why)
 {
 #ifndef COMPILE_UTILITY
-DEBUG(D_any) debug_printf("switching to slow-mode taint checking\n");
+DEBUG(D_any)
+  debug_printf("switching to slow-mode taint checking (after %s) "
+          "taint bounds %p %p\n", why, tainted_base, tainted_top);
 #endif
 f.taint_check_slow = TRUE;
 }


+/* If the creation of a new tainted region results in any of the
+untainted regions appearing to be tainted, using the fast-mode test,
+we need to switch to safe-but-slow mode. */
+
 static void
 verify_all_untainted(void)
 {
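Review bot: The new `why` argument of `use_slow_taint_check()` is read only inside the `#ifndef COMPILE_UTILITY` block, so utility builds compile it as an unused parameter; if those builds enable unused-parameter warnings, a `(void)why;` in an `#else` branch would keep them quiet. The function also has no header comment, unlike `verify_all_untainted()` just below it, whose body continues outside this hunk. I would add `/* Switch to slow-mode taint checking; "why" names the allocator path that triggered the switch and is used for debug output only. */`. Nothing visible here clears `f.taint_check_slow` again, so if the switch is meant to be one-way for the life of the process, the comment should say so.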
@@ -242,7 +248,7 @@ for (int pool = 0; pool < POOL_TAINT_BASE; pool++)
     uschar * bc = US b + ALIGNED_SIZEOF_STOREBLOCK;
     if (is_tainted(bc))
       {
-      use_slow_taint_check();
+      use_slow_taint_check(US"mmap");
       return;
       }
     }
@@ -841,7 +847,7 @@ if (!(yield = mmap(NULL, (size_t)size,


if (yield < tainted_base) tainted_base = yield;
if ((top = US yield + size) > tainted_top) tainted_top = top;
-if (!f.taint_check_slow) use_slow_taint_check();
+if (!f.taint_check_slow) verify_all_untainted();

return store_alloc_tail(yield, size, func, line, US"Mmap");
}
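Review bot: The call `if (!f.taint_check_slow) verify_all_untainted();` now lets fast mode survive an mmap that widens `tainted_base`/`tainted_top`, but nothing at the call site records what that verification covers. Judging from the loop shown in the second hunk, it tests the first data address of blocks chained in pools below `POOL_TAINT_BASE`, and the malloc path separately tests each new `yield`. Untainted data that never lives in a pool block does not appear to be examined, so it is worth confirming that such addresses are never handed to `is_tainted()` or cannot fall inside the span. A misclassification here would presumably fail closed (a spurious "Taint mismatch"), but a comment would make the invariant reviewable, for example `/* Taint span grew: stay in fast mode only if no existing untainted pool block now falls inside it */`. The enclosing function starts outside this hunk.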
@@ -879,7 +885,7 @@ the slower checking for tainting (checking an address against all
the tainted pool block spans, rather than just the mmap span) */

if (!f.taint_check_slow && is_tainted(yield))
- use_slow_taint_check();
+ use_slow_taint_check(US"malloc");

 return store_alloc_tail(yield, size, func, linenumber, US"Malloc");
 }
diff --git a/test/confs/0599 b/test/confs/0599
index 5466712..efdbd3c 100644
--- a/test/confs/0599
+++ b/test/confs/0599
@@ -50,5 +50,6 @@ smtp:
   hosts =    HOSTIPV4
   port =    PORT_D
   allow_localhost
+  hosts_try_fastopen = :


 # End
diff --git a/test/runtest b/test/runtest
index 595566e..d9db2cc 100755
--- a/test/runtest
+++ b/test/runtest
@@ -1325,6 +1325,9 @@ RESET_AFTER_EXTRA_LINE_READ:
     s/^errno = \d+$/errno = EEE/;
     s/^writing error \d+: /writing error EEE: /;


+    # Some platforms have to flip to slow-mode taint-checking
+    next if /switching to slow-mode taint checking/;
+
     # When Exim is checking the size of directories for maildir, it uses
     # the check_dir_size() function to scan directories. Of course, the order
     # of the files that are obtained using readdir() varies from system to