X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;ds=sidebyside;f=src%2Fsrc%2Fexim_dbutil.c;h=13f74540e3adf2c99f3d25fcee6d8005cd5173a0;hb=8f0d0a3138e138ffa6bcc94c8378f5eb22573f0e;hp=742952758b3a7ec2f3b3b99b360056ff123615b3;hpb=2bde51964df7b459f1cc6853ffa7f5466d02554f;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/exim_dbutil.c b/src/src/exim_dbutil.c index 742952758..13f74540e 100644 --- a/src/src/exim_dbutil.c +++ b/src/src/exim_dbutil.c @@ -69,6 +69,13 @@ struct global_flags f; unsigned int log_selector[1]; uschar * queue_name; BOOL split_spool_directory; + + +/* These introduced by the taintwarn handling */ +#ifdef ALLOW_INSECURE_TAINTED_DATA +BOOL allow_insecure_tainted_data; +#endif + /******************************************************************************/ @@ -388,7 +395,7 @@ pick out the timestamps, etc., do the copying centrally here. Arguments: dbblock a pointer to an open database block key the key of the record to be read - length where to put the length (or NULL if length not wanted) + length where to put the length (or NULL if length not wanted). Includes overhead. Returns: a pointer to the retrieved record, or NULL if the record is not found @@ -416,7 +423,7 @@ we should store the taint status along with the data. */ yield = store_get(EXIM_DATUM_SIZE(result_datum), TRUE); memcpy(yield, EXIM_DATUM_DATA(result_datum), EXIM_DATUM_SIZE(result_datum)); -if (length != NULL) *length = EXIM_DATUM_SIZE(result_datum); +if (length) *length = EXIM_DATUM_SIZE(result_datum); EXIM_DATUM_FREE(result_datum); /* Some DBM libs require freeing */ return yield; @@ -551,6 +558,8 @@ EXIM_CURSOR *cursor; uschar **argv = USS cargv; uschar keybuffer[1024]; +store_init(); + /* Check the arguments, and open the database */ dbdata_type = check_args(argc, argv, US"dumpdb", US""); @@ -616,6 +625,7 @@ for (uschar * key = dbfn_scan(dbm, TRUE, &cursor); t = wait->text; name[MESSAGE_ID_LENGTH] = 0; + /* Leave corrupt records alone */ if (wait->count > WAIT_NAME_MAX) { fprintf(stderr, @@ -764,6 +774,7 @@ uschar buffer[256]; uschar name[256]; rmark reset_point; +store_init(); name[0] = 0; /* No name set */ /* Sort out the database type, verify what we are working on and then process @@ -1133,6 +1144,8 @@ uschar **argv = USS cargv; uschar buffer[256]; uschar *key; +store_init(); + /* Scan the options */ for (i = 1; i < argc; i++) @@ -1218,7 +1231,7 @@ for (; keychain && (reset_point = store_mark()); store_reset(reset_point)) /* A continuation record may have been deleted or renamed already, so non-existence is not serious. */ - if (value == NULL) continue; + if (!value) continue; /* Delete if too old */ @@ -1239,12 +1252,33 @@ for (; keychain && (reset_point = store_mark()); store_reset(reset_point)) /* Leave corrupt records alone */ + if (wait->time_stamp > time(NULL)) + { + printf("**** Data for '%s' corrupted\n time in future: %s\n", + key, print_time(((dbdata_generic *)value)->time_stamp)); + continue; + } if (wait->count > WAIT_NAME_MAX) { - printf("**** Data for %s corrupted\n count=%d=0x%x max=%d\n", + printf("**** Data for '%s' corrupted\n count=%d=0x%x max=%d\n", key, wait->count, wait->count, WAIT_NAME_MAX); continue; } + if (wait->sequence > WAIT_CONT_MAX) + { + printf("**** Data for '%s' corrupted\n sequence=%d=0x%x max=%d\n", + key, wait->sequence, wait->sequence, WAIT_CONT_MAX); + continue; + } + + /* Record over 1 year old; just remove it */ + + if (wait->time_stamp < time(NULL) - 365*24*60*60) + { + dbfn_delete(dbm, key); + printf("deleted %s (too old)\n", key); + continue; + } /* Loop for renamed continuation records. For each message id, check to see if the message exists, and if not, remove its entry