Autor: jacob dahl pind Data: Dla: exim-users Temat: Re: [exim] 4.96 simplegreylist taint
On 8/4/22 18:56, Andrew C Aitchison via Exim-users wrote:
>
> Earlier in that page acl_m_greyident is defined as:
> # Generate a hashed 'identity' for the mail, as described above.
> warn set acl_m_greyident =
> ${hash{20}{62}{$sender_address$recipients$h_message-id:}}
> I don't know whether hash untaints ... but as I read the spec,
> if $sender_address$recipients$h_message-id: is less than 20 characters
> the hash returns this string, which should still be tainted.
> Other hash functions (md5, sha1, sha256 etc) which appear never to
> return the original string, and thus *may* not be tainted, are available.
>
You where right, I looked at source and the hash doesnt seem to have any
untaint , unlike the sha etc.
Change the line to
warn set acl_m_greyident =
${sha256:{$sender_address$recipients$h_message-id:}}
