[exim-dev] [Bug 2598] Taint mismatch, string_nextinlist: ac…

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2598] Taint mismatch, string_nextinlist: acl_verify 1770
https://bugs.exim.org/show_bug.cgi?id=2598

--- Comment #7 from martynas@??? ---
That's:
while ((opt = string_nextinlist(&sublist, &optsep, buffer, sizeof(buffer))))

In this section:
else if (strncmpic(ss, US"callout", 7) == 0)

I guess it should be changed to:
while ((opt = string_nextinlist(&sublist, &optsep, NULL, 0)))

Just not so sure if it's safe to do it :) (would need approval from your side)

--
You are receiving this mail because:
You are on the CC list for the bug.