X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fbmi_spam.c;h=6972bc3a7957bdac5f09028b0cd59448734974c6;hb=ef77ddc9239a2a96442b7708c825235823d6c9ce;hp=6651de5ad7d195a9d5ee0212fa976750bf4a3ff5;hpb=f3ebb786e451da973560f1c9d8cdb151d25108b5;p=user%2Fhenk%2Fcode%2Fexim.git

diff --git a/src/src/bmi_spam.c b/src/src/bmi_spam.c
index 6651de5ad..6972bc3a7 100644
--- a/src/src/bmi_spam.c
+++ b/src/src/bmi_spam.c
@@ -448,9 +448,11 @@ int bmi_check_rule(uschar *base64_verdict, uschar *option_list) {
   }
 
   /* loop through numbers */
+  /* option_list doesn't seem to be expanded so cannot be tainted.  If it ever is we
+  will trap here */
   rule_ptr = option_list;
   while ((rule_num = string_nextinlist(&rule_ptr, &sep,
-                                       rule_buffer, 32)) != NULL) {
+                                       rule_buffer, sizeof(rule_buffer)))) {
     int rule_int = -1;
 
     /* try to translate to int */