summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2020-03-22 00:55:59 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2020-03-22 09:49:46 +0000
commit36b600bb776d082be8cdd15c18daed3c29cfda7f (patch)
tree36b9fc80996507dc6d3bf7d6a8cdd959d635e728 /doc
parenta76d120aedbb1c19943db1227a14226ce6fdb679 (diff)
Taint: fix dsearch result to be untainted
Diffstat (limited to 'doc')
-rw-r--r--doc/doc-docbook/spec.xfpt17
-rw-r--r--doc/doc-txt/ChangeLog4
2 files changed, 18 insertions, 3 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index f91d51792..cf15942db 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -6762,7 +6762,12 @@ by default, but has an option to omit them (see section &<<SECTdbmbuild>>&).
whose name is the key by calling the &[lstat()]& function. The key may not
contain any forward slash characters. If &[lstat()]& succeeds, the result of
the lookup is the name of the entry, which may be a file, directory,
-symbolic link, or any other kind of directory entry. An example of how this
+symbolic link, or any other kind of directory entry.
+.new
+.cindex "tainted data" "dsearch result"
+It is regarded as untainted.
+.wen
+An example of how this
lookup can be used to support virtual domains is given in section
&<<SECTvirtualdomains>>&.
.next
@@ -36771,12 +36776,18 @@ to a router of this form:
virtual:
driver = redirect
domains = dsearch;/etc/mail/virtual
- data = ${lookup{$local_part}lsearch{/etc/mail/virtual/$domain}}
+ data = ${lookup{$local_part}lsearch{/etc/mail/virtual/$domain_data}}
no_more
.endd
+.new
The &%domains%& option specifies that the router is to be skipped, unless there
is a file in the &_/etc/mail/virtual_& directory whose name is the same as the
-domain that is being processed. When the router runs, it looks up the local
+domain that is being processed.
+The &(dsearch)& lookup used results in an untainted version of &$domain$&
+being placed into the &$domain_data$& variable.
+.wen
+
+When the router runs, it looks up the local
part in the file to find a new address (or list of addresses). The &%no_more%&
setting ensures that if the lookup fails (leading to &%data%& being an empty
string), Exim gives up on the address without trying any subsequent routers.
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 74568ce3f..be07ba625 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -152,6 +152,10 @@ JH/31 Fix spurious detection of timeout while writing to transport filter.
JH/32 Bug 2541: Fix segfault on bad cmdline -f (sender) argument. Previously
an attempt to copy the string was made before checking it.
+JH/33 Fix the dsearch lookup to return an untainted result. Previously the
+ taint of the lookup key was maintained; we now regard the presence in the
+ filesystem as sufficient validation.
+
Exim version 4.93
-----------------