Fix taint-checking on OpenBSD

author: Jeremy Harris <jgh146exb@wizmail.org> 2019-07-29 15:48:05 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2019-07-29 15:48:05 +0100
commit: 14ca5d2ac6c3536fe189435269a302ef14e972cf (patch)
tree: a4f08fdb57eedee5f761f057a7a8649169747414
parent: e2ae28ed72ed4253536367f8aad58782c7d8be18 (diff)
7 files changed, 51 insertions, 12 deletions
diff --git a/src/OS/Makefile-OpenBSD b/src/OS/Makefile-OpenBSD
index 5a894789c..2b37a7373 100644
--- a/src/OS/Makefile-OpenBSD
+++ b/src/OS/Makefile-OpenBSD
@@ -5,6 +5,7 @@ CHGRP_COMMAND=/usr/sbin/chgrp
 CHMOD_COMMAND=/bin/chmod
 
 CFLAGS=-O2 -Wall -Wno-parentheses -Wno-self-assign -Wno-logical-op-parentheses
+CFLAGS += -DTAINT_CHECK_SLOW
 
 LIBS=-lm
 
diff --git a/src/src/functions.h b/src/src/functions.h
index 060278959..6347b231f 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -285,6 +285,7 @@ extern int     ip_unixsocket(const uschar *, uschar **);
 extern int     ip_streamsocket(const uschar *, uschar **, int);
 
 extern int     ipv6_nmtoa(int *, uschar *);
+extern BOOL    is_tainted_fn(const void *);
 
 extern uschar *local_part_quote(uschar *);
 extern int     log_create(uschar *);
diff --git a/src/src/mytypes.h b/src/src/mytypes.h
index a68dc2817..f7551336c 100644
--- a/src/src/mytypes.h
+++ b/src/src/mytypes.h
@@ -136,6 +136,10 @@ is_tainted(const void * p)
 {
 #if defined(COMPILE_UTILITY) || defined(MACRO_PREDEF)
 return FALSE;
+
+#elif defined(TAINT_CHECK_SLOW)
+return is_tainted_fn(p);
+
 #else
 extern void * tainted_base, * tainted_top;
 return p >= tainted_base && p < tainted_top;
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 6ed2ea409..d13d05142 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -3326,19 +3326,19 @@ if (f.trusted_config && Ustrcmp(filename, US"/dev/null"))
 
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
       "wrong owner, group, or mode", big_buffer);
-  }
 
-/* Do a dummy store-allocation of a size related to the (toplevel) file size.
-This assumes we will need this much storage to handle all the allocations
-during startup; it won't help when .include is being used.  When it does, it
-will cut down on the number of store blocks (and malloc calls, and sbrk
-syscalls).  It also assume we're on the relevant pool. */
+  /* Do a dummy store-allocation of a size related to the (toplevel) file size.
+  This assumes we will need this much storage to handle all the allocations
+  during startup; it won't help when .include is being used.  When it does, it
+  will cut down on the number of store blocks (and malloc calls, and sbrk
+  syscalls).  It also assume we're on the relevant pool. */
 
-if (statbuf.st_size > 8192)
-  {
-  rmark r = store_mark();
-  void * dummy = store_get((int)statbuf.st_size, FALSE);
-  store_reset(r);
+  if (statbuf.st_size > 8192)
+    {
+    rmark r = store_mark();
+    void * dummy = store_get((int)statbuf.st_size, FALSE);
+    store_reset(r);
+    }
   }
 
 /* Process the main configuration settings. They all begin with a lower case
diff --git a/src/src/store.c b/src/src/store.c
index b7cf4cdee..045f27f8e 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -159,6 +159,35 @@ static void   internal_store_free(void *, const char *, int linenumber);
 
 /******************************************************************************/
 
+/* Slower version check, for use when platform intermixes malloc and mmap area
+addresses. */
+
+BOOL
+is_tainted_fn(const void * p)
+{
+storeblock * b;
+int pool;
+
+for (pool = 0; pool < nelem(chainbase); pool++)
+  if ((b = current_block[pool]))
+    {
+    char * bc = CS b + ALIGNED_SIZEOF_STOREBLOCK;
+    if (CS p >= bc && CS p <= bc + b->length) goto hit;
+    }
+
+for (pool = 0; pool < nelem(chainbase); pool++)
+  for (b = chainbase[pool]; b; b = b->next)
+    {
+    char * bc = CS b + ALIGNED_SIZEOF_STOREBLOCK;
+    if (CS p >= bc && CS p <= bc + b->length) goto hit;
+    }
+return FALSE;
+
+hit:
+return pool >= POOL_TAINT_BASE;
+}
+
+
 void
 die_tainted(const uschar * msg, const uschar * func, int line)
 {
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index 617a55a16..03243f3fc 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -8,6 +8,10 @@
 #include "../exim.h"
 #include "smtp.h"
 
+#if defined(SUPPORT_DANE) && defined(DISABLE_TLS)
+# error TLS is required for DANE
+#endif
+
 
 /* Options specific to the smtp transport. This transport also supports LMTP
 over TCP/IP. The options must be in alphabetic order (note that "_" comes
diff --git a/src/src/verify.c b/src/src/verify.c
index a1276068b..4422b4ad1 100644
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -2349,7 +2349,7 @@ for (header_line * h = header_list; h; h = h->next)
     if ((*s < 33) || (*s > 126))
       {
       *msgptr = string_sprintf("Invalid character in header \"%.*s\" found",
-			     colon - h->text, h->text);
+			     (int)(colon - h->text), h->text);
       return FAIL;
       }
   }
author	Jeremy Harris <jgh146exb@wizmail.org>	2019-07-29 15:48:05 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2019-07-29 15:48:05 +0100
commit	14ca5d2ac6c3536fe189435269a302ef14e972cf (patch)
tree	a4f08fdb57eedee5f761f057a7a8649169747414
parent	e2ae28ed72ed4253536367f8aad58782c7d8be18 (diff)