X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fdbfn.c;h=1f058ef7236621305af047b42c8e9def9d900799;hb=f0fe22cbc29ee4f887aa254f2590a9e72401e237;hp=63a1aefe353818ea385feee3b6700828fc5e05e5;hpb=f3ebb786e451da973560f1c9d8cdb151d25108b5;p=user%2Fhenk%2Fcode%2Fexim.git
diff --git a/src/src/dbfn.c b/src/src/dbfn.c
index 63a1aefe3..1f058ef72 100644
--- a/src/src/dbfn.c
+++ b/src/src/dbfn.c
@@ -206,7 +206,8 @@ if (created && geteuid() == root_uid)
 if (Ustrncmp(ent->d_name, name, namelen) == 0)
 {
 struct stat statbuf;
- Ustrcpy(lastname, US ent->d_name);
+ /* Filenames from readdir() are trusted, so use a taint-nonchecking copy */
+ strcpy(CS lastname, CCS ent->d_name);
 if (Ustat(filename, &statbuf) >= 0 && statbuf.st_uid != exim_uid)
 {
 DEBUG(D_hints_lookup) debug_printf_indent("ensuring %s is owned by exim\n", filename);
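Review bot: The new `strcpy(CS lastname, CCS ent->d_name)` is an unbounded copy, and the added comment's "trusted" covers only taint tracking, not length. The preceding `Ustrncmp` test constrains just the first `namelen` bytes of `ent->d_name`, and the hunk header shows this path runs when `geteuid() == root_uid`, so an over-long directory entry would be copied in a privileged process. The declaration of `lastname` and the size of the buffer behind it are outside the hunk, as is the enclosing loop, so the available space needs confirming there. If it is not guaranteed, skip entries that do not fit before copying, e.g. `if (Ustrlen(ent->d_name) >= <bytes left after lastname>) continue;` (the size expression is a placeholder). The comment would also be stronger if it said why readdir() names are trusted here, presumably because only exim and root can write to the directory.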