[exim-dev] [Bug 2623] sqlite lookup taint problem

Author: admin
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 2623] New: sqlite_dbfile is ignored in list lookups
Subject: [exim-dev] [Bug 2623] sqlite lookup taint problem
https://bugs.exim.org/show_bug.cgi?id=2623

--- Comment #3 from Andras Nagy <andras@???> ---
Thanks for the quick follow-up.

JFTR, when I tried it with a constant (i.e. non-tainted) query string, in 4.94,
it just SEGV'd. I assumed that's the same issue as 2606, since "select" is
typically not a file that exists.


Also, I think the suggested workaround has very different semantics than the
original. The

domainlist relay_to_domains = sqlite;select ...

syntax means that when a domain is looked up in the list, the query is
executed, and the domain is considered to be in the list when the query returns
at least one row. "[T]he value resulting from the lookup is not used" (spec
10.9.)

The

domainlist relay_to_domains = ${lookup sqlite {select ...}}

syntax means when a domain is looked up in the list, the query is executed, and
each row returned by the query is compared with the domain being looked up, and
the domain is considered to be in the list when it's equal to one of the rows
returned.

Since the specific use case looks like this, the workaround is not suitable.

domainlist foo = sqlite;select 'yes' from ...

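
The two list semantics contrasted in the comment above, modelled in Python as an added example; it is not part of the original message and not Exim's code. The table name, sample domains and function names are assumptions made for illustration, and the domain is bound as an SQL parameter rather than spliced into the query text.

```python
import sqlite3

# Constructed sample data: domains this host is willing to relay for.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE relay (domain TEXT PRIMARY KEY)")
    db.executemany("INSERT INTO relay VALUES (?)",
                   [("example.org",), ("example.net",)])
    return db

# The use case from the comment: the query returns a constant marker row.
YES_QUERY = "SELECT 'yes' FROM relay WHERE domain = ?"
# A query that returns the domain itself.
DOMAIN_QUERY = "SELECT domain FROM relay WHERE domain = ?"

def match_lookup_item(db, query, domain):
    """Model of 'sqlite;select ...' as a list item: the domain is in the
    list when the query returns at least one row; the value is not used."""
    return db.execute(query, (domain,)).fetchone() is not None

def match_expanded_list(db, query, domain):
    """Model of '${lookup sqlite {select ...}}' as described in the comment:
    the returned rows become the list, and the domain must equal one of them."""
    rows = [row[0] for row in db.execute(query, (domain,))]
    return domain in rows

def compare(db, query, domains):
    """Return {domain: (lookup_item_result, expanded_list_result)}."""
    return {d: (match_lookup_item(db, query, d),
                match_expanded_list(db, query, d)) for d in domains}

if __name__ == "__main__":
    db = make_db()
    for name, query in (("YES_QUERY", YES_QUERY), ("DOMAIN_QUERY", DOMAIN_QUERY)):
        for domain, result in compare(db, query, ["example.org", "other.test"]).items():
            print(name, domain, result)
```

With the constant-returning query the second form never matches a listed domain, so swapping one syntax for the other silently changes which domains are accepted for relay.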