author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-01-11 21:50:05 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-01-11 21:50:05 +0000 |
commit | 79bc02a3499931de53f5e9ea74795d691b3a9569 (patch) | |
tree | d32085eb6e03031173830461cb8aacd1e40074ac | |
parent | 7d99cba1d36af854760c35100b29f0331f619fca (diff) |
taint-enforce DB filenames
-rw-r--r-- | src/src/dbstuff.h | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/src/dbstuff.h b/src/src/dbstuff.h
index bf5fa3f6e..a45874dc9 100644
--- a/src/src/dbstuff.h
+++ b/src/src/dbstuff.h
@@ -642,7 +642,13 @@ after reading data. */
 : (flags) == O_RDWR ? "O_RDWR" \
 : (flags) == (O_RDWR|O_CREAT) ? "O_RDWR|O_CREAT" \
 : "??"); \
- EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); \
+ if (is_tainted(name) || is_tainted(dirname)) \
+ { \
+ log_write(0, LOG_MAIN|LOG_PANIC, "Tainted name for DB file not permitted"); \
+ *dbpp = NULL; \
+ } \
+ else \
+ { EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); } \
 DEBUG(D_hints_lookup) debug_printf_indent("returned from EXIM_DBOPEN: %p\n", *dbpp); \
 } while(0)
 # define EXIM_DBCLOSE(db) \ |
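Review bot: The new refusal branch in EXIM_DBOPEN sets `*dbpp = NULL` but leaves errno untouched, so a caller that reports errno after a NULL handle would log a stale value and hide that the open was refused by the taint check. The callers are not visible in this hunk, so this is inferred. If they do read errno, add `errno = EACCES; \` before `*dbpp = NULL; \`. The panic-log text also does not say which argument failed the check; testing `name` and `dirname` separately and logging "Tainted filename" or "Tainted dirname" would make the entry usable for triage without echoing the untrusted value. The macro's header comment lies outside the hunk and should state that a tainted `name` or `dirname` yields a NULL `*dbpp` and a LOG_PANIC entry.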