Gitweb:
https://git.exim.org/exim.git/commitdiff/ace68726852d08deec815a37f369a4e31be77813
Commit: ace68726852d08deec815a37f369a4e31be77813
Parent: 2382cd3e81838709abd3b0c1b410f65274d90e25
Author: Heiko Schlittermann (HS12-RIPE) <hs@???>
AuthorDate: Sun Mar 28 10:50:14 2021 +0200
Committer: Heiko Schlittermann (HS12-RIPE) <hs@???>
CommitDate: Thu Jun 24 21:43:05 2021 +0200
acl
(cherry picked from commit 44fd80ad8abcd885fc1c8dbb294fc2140e4ef481)
---
src/src/acl.c | 45 +++++++++++++++++++++------------------------
1 file changed, 21 insertions(+), 24 deletions(-)
diff --git a/src/src/acl.c b/src/src/acl.c
index f358516..56d7468 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -3702,20 +3702,22 @@ for (; cb; cb = cb->next)
#endif
case ACLC_QUEUE:
- if (is_tainted(arg))
{
- *log_msgptr = string_sprintf("Tainted name '%s' for queue not permitted",
- arg);
- return ERROR;
- }
- if (Ustrchr(arg, '/'))
- {
- *log_msgptr = string_sprintf(
- "Directory separator not permitted in queue name: '%s'", arg);
- return ERROR;
+ uschar *m;
+ if (m = is_tainted2(arg, 0, "Tainted name '%s' for queue not permitted", arg))
+ {
+ *log_msgptr = m;
+ return ERROR;
+ }
+ if (Ustrchr(arg, '/'))
+ {
+ *log_msgptr = string_sprintf(
+ "Directory separator not permitted in queue name: '%s'", arg);
+ return ERROR;
+ }
+ queue_name = string_copy_perm(arg, FALSE);
+ break;
}
- queue_name = string_copy_perm(arg, FALSE);
- break;
case ACLC_RATELIMIT:
rc = acl_ratelimit(arg, where, log_msgptr);
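Review bot: The new taint check in the ACLC_QUEUE case uses a bare assignment as its condition, `if (m = is_tainted2(arg, 0, ...))`, which reads like a mistyped comparison and is what -Wparentheses warns about. Write it as `if ((m = is_tainted2(arg, 0, "Tainted name '%s' for queue not permitted", arg)))`. The return value is used as a message pointer here but as a plain truth value in the two later hunks, and the definition of is_tainted2 is not in this diff. If that is its contract, a short comment such as `/* is_tainted2() hands back the formatted message when arg is tainted, NULL otherwise */` would make this clear. The enclosing switch and for loop begin and end outside the hunk.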
@@ -4088,25 +4090,14 @@ while (isspace(*ss)) ss++;
acl_text = ss;
-#ifdef notyet_taintwarn
if ( !f.running_in_test_harness
&& is_tainted2(acl_text, LOG_MAIN|LOG_PANIC,
- "attempt to use tainted ACL text \"%s\"", acl_text))
+ "Tainted ACL text \"%s\"", acl_text))
{
/* Avoid leaking info to an attacker */
*log_msgptr = US"internal configuration error";
return ERROR;
}
-#else
-if (is_tainted(acl_text) && !f.running_in_test_harness)
- {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "attempt to use tainted ACL text \"%s\"", acl_text);
- /* Avoid leaking info to an attacker */
- *log_msgptr = US"internal configuration error";
- return ERROR;
- }
-#endif
/* Handle the case of a string that does not contain any spaces. Look for a
named ACL among those read from the configuration, or a previously read file.
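Review bot: The LOG_MAIN|LOG_PANIC line for tainted ACL text changes from `attempt to use tainted ACL text "%s"` to `Tainted ACL text "%s"`, and the commit message ("acl") does not record it. Log alerts or parsers keyed on the old wording will silently stop matching this event. Either keep the previous format string, `"attempt to use tainted ACL text \"%s\"", acl_text))`, or note the new wording in the commit description and changelog so operators can update their rules. The retained `!f.running_in_test_harness` short-circuit also has no comment explaining why the harness is exempt, and one line stating the reason would help. The enclosing function starts before and continues past this hunk.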
@@ -4131,6 +4122,12 @@ if (Ustrchr(ss, ' ') == NULL)
else if (*ss == '/')
{
struct stat statbuf;
+ if (is_tainted2(ss, LOG_MAIN|LOG_PANIC, "Tainted ACL file name '%s'", ss))
+ {
+ /* Avoid leaking info to an attacker */
+ *log_msgptr = US"internal configuration error";
+ return ERROR;
+ }
if ((fd = Uopen(ss, O_RDONLY, 0)) < 0)
{
*log_msgptr = string_sprintf("failed to open ACL file \"%s\": %s", ss,
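Review bot: The added file-name check before `Uopen(ss, O_RDONLY, 0)` is not gated on `!f.running_in_test_harness`, whereas the ACL-text check earlier in the function is, and nothing says whether the difference is intended. If ss still equals acl_text at this point, tainted text has already been rejected outside the harness, so this check would in practice only fire under the harness; the lines between the hunks are not shown, so this is an inference. Keeping it ungated is the safer choice, but document it with a comment above the check, for example `/* Checked unconditionally: a tainted string must never be used as a file name, even in the test harness */`. The enclosing function continues past the hunk.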