Add perl_taintmode option

author: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2016-02-01 13:13:27 +0100
committer: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> 2016-04-07 09:45:33 +0200
commit: 2f680c0c44778f97c056fb06d60fb03f4cf69c31 (patch)
tree: d8343559845483d313ac6a989591766e3543b237 /src
parent: c0ebc07afcedf09ec166a31a6e14928c2cd03d26 (diff)
5 files changed, 14 insertions, 2 deletions
diff --git a/src/conf b/src/conf
new file mode 100644
index 000000000..1619c0da8
--- /dev/null
+++ b/src/conf
@@ -0,0 +1,2 @@
+perl_startup = $| = 1; print "<${^TAINT}>\n";
+perl_taintmode = yes
diff --git a/src/src/globals.c b/src/src/globals.c
index 8e5a4dfe8..be1fae849 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -49,6 +49,7 @@ duplicate them here... */
 uschar *opt_perl_startup       = NULL;
 BOOL    opt_perl_at_start      = FALSE;
 BOOL    opt_perl_started       = FALSE;
+BOOL    opt_perl_taintmode     = FALSE;
 #endif
 
 #ifdef EXPAND_DLFUNC
diff --git a/src/src/globals.h b/src/src/globals.h
index 5a0b79eb1..72bb13919 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -28,6 +28,7 @@ typedef volatile sig_atomic_t SIGNAL_BOOL;
 extern uschar *opt_perl_startup;       /* Startup code for Perl interpreter */
 extern BOOL    opt_perl_at_start;      /* Start Perl interpreter at start */
 extern BOOL    opt_perl_started;       /* Set once interpreter started */
+extern BOOL    opt_perl_taintmode;     /* Enable taint mode in Perl */
 #endif
 
 #ifdef EXPAND_DLFUNC
diff --git a/src/src/perl.c b/src/src/perl.c
index 543b5d27d..fbe9ee842 100644
--- a/src/src/perl.c
+++ b/src/src/perl.c
@@ -13,6 +13,7 @@
 /* This Perl add-on can be distributed under the same terms as Exim itself. */
 /* See the file NOTICE for conditions of use and distribution. */
 
+#include <assert.h>
 #include "exim.h"
 
 #define EXIM_TRUE TRUE
@@ -95,11 +96,17 @@ static void  xs_init(pTHX)
 uschar *
 init_perl(uschar *startup_code)
 {
-  static int argc = 2;
-  static char *argv[3] = { "exim-perl", "/dev/null", 0 };
+  static int argc = 1;
+  static char *argv[4] = { "exim-perl" };
   SV *sv;
   STRLEN len;
 
+  if (opt_perl_taintmode) argv[argc++] = "-T";
+  argv[argc++] = "/dev/null";
+  argv[argc] = 0;
+
+  assert(sizeof(argv)/sizeof(argv[0]) > argc);
+
   if (interp_perl) return 0;
   interp_perl = perl_alloc();
   perl_construct(interp_perl);
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 5ca6a8476..ba4cb668b 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -349,6 +349,7 @@ static optionlist optionlist_config[] = {
 #ifdef EXIM_PERL
   { "perl_at_start",            opt_bool,        &opt_perl_at_start },
   { "perl_startup",             opt_stringptr,   &opt_perl_startup },
+  { "perl_taintmode",           opt_bool,        &opt_perl_taintmode },
 #endif
 #ifdef LOOKUP_PGSQL
   { "pgsql_servers",            opt_stringptr,   &pgsql_servers },
author	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2016-02-01 13:13:27 +0100
committer	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>	2016-04-07 09:45:33 +0200
commit	2f680c0c44778f97c056fb06d60fb03f4cf69c31 (patch)
tree	d8343559845483d313ac6a989591766e3543b237 /src
parent	c0ebc07afcedf09ec166a31a6e14928c2cd03d26 (diff)