Only crash-plausible issue would require the Cambridge-specific
iplookup router and a misconfiguration.
Report from Marcin Mirosław
read-only, out of scope).
Patch from Wolfgang Breyha, report from Stuart Northfield.
read-only, out of scope).
Patch from Wolfgang Breyha, report from Stuart Northfield.
+PP/29 Fix three issues highlighted by clang analyser static analysis.
+ Only crash-plausible issue would require the Cambridge-specific
+ iplookup router and a misconfiguration.
+ Report from Marcin Mirosław.
+
Exim version 4.77
-----------------
Exim version 4.77
-----------------
expand_nlength[1] = Ustrlen(msgbuf);
expand_nmax = 1;
expand_nlength[1] = Ustrlen(msgbuf);
expand_nmax = 1;
+/* clean up globals which aren't referenced, but still shouldn't be left
+pointing to stack memory */
+#define CLEANUP_RETURN(Code) do { auth_vars[0] = expand_nstring[1] = NULL; \
+ expand_nlength[1] = expand_nmax = 0; return (Code); } while (0);
+
debug_print_string(ablock->server_debug_string); /* customized debug */
/* look up password */
debug_print_string(ablock->server_debug_string); /* customized debug */
/* look up password */
{
DEBUG(D_auth) debug_printf("auth_spa_server(): forced failure while "
"expanding spa_serverpassword\n");
{
DEBUG(D_auth) debug_printf("auth_spa_server(): forced failure while "
"expanding spa_serverpassword\n");
}
else
{
DEBUG(D_auth) debug_printf("auth_spa_server(): error while expanding "
"spa_serverpassword: %s\n", expand_string_message);
}
else
{
DEBUG(D_auth) debug_printf("auth_spa_server(): error while expanding "
"spa_serverpassword: %s\n", expand_string_message);
((unsigned char*)responseptr)+IVAL(&responseptr->ntResponse.offset,0),
24) == 0)
/* success. we have a winner. */
((unsigned char*)responseptr)+IVAL(&responseptr->ntResponse.offset,0),
24) == 0)
/* success. we have a winner. */
+ {
+ int rc = auth_check_serv_cond(ablock);
+ CLEANUP_RETURN(rc);
+ }
/* Expand server_condition as an authorization check (PH) */
/* Expand server_condition as an authorization check (PH) */
- return auth_check_serv_cond(ablock);
set, but if that changes, then it should apply to these tests too */
unspool_mbox();
set, but if that changes, then it should apply to these tests too */
unspool_mbox();
+ /* silence static analysis tools */
+ message_id = NULL;
+
address_item **addr_succeed) /* put old address here on success */
{
uschar *query = NULL;
address_item **addr_succeed) /* put old address here on success */
{
uschar *query = NULL;
uschar *hostname, *reroute, *domain, *listptr;
uschar host_buffer[256];
host_item *host = store_get(sizeof(host_item));
uschar *hostname, *reroute, *domain, *listptr;
uschar host_buffer[256];
host_item *host = store_get(sizeof(host_item));
DEBUG(D_route) debug_printf("%s router called for %s: domain = %s\n",
rblock->name, addr->address, addr->domain);
DEBUG(D_route) debug_printf("%s router called for %s: domain = %s\n",
rblock->name, addr->address, addr->domain);
+reply = store_get(256);
+
/* Build the query string to send. If not explicitly given, a default of
"user@domain user@domain" is used. */
/* Build the query string to send. If not explicitly given, a default of
"user@domain user@domain" is used. */