Taint: fix dsearch result to be untainted

author: Jeremy Harris <jgh146exb@wizmail.org> 2020-03-22 00:55:59 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2020-03-22 09:49:46 +0000
commit: 36b600bb776d082be8cdd15c18daed3c29cfda7f (patch)
tree: 36b9fc80996507dc6d3bf7d6a8cdd959d635e728 /src
parent: a76d120aedbb1c19943db1227a14226ce6fdb679 (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/src/src/lookups/dsearch.c b/src/src/lookups/dsearch.c
index c27f5d6e6..1eb2924f0 100644
--- a/src/src/lookups/dsearch.c
+++ b/src/src/lookups/dsearch.c
@@ -28,7 +28,7 @@ static void *
 dsearch_open(uschar *dirname, uschar **errmsg)
 {
 DIR *dp = opendir(CS dirname);
-if (dp == NULL)
+if (!dp)
   {
   int save_errno = errno;
   *errmsg = string_open_failed(errno, "%s for directory search", dirname);
@@ -47,8 +47,8 @@ return (void *)(-1);
 /* The handle will always be (void *)(-1), but don't try casting it to an
 integer as this gives warnings on 64-bit systems. */
 
-BOOL
-static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners,
+static BOOL
+dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners,
   gid_t *owngroups, uschar **errmsg)
 {
 handle = handle;
@@ -87,7 +87,9 @@ if (Ustrchr(keystring, '/') != 0)
 filename = string_sprintf("%s/%s", dirname, keystring);
 if (Ulstat(filename, &statbuf) >= 0)
   {
-  *result = string_copy(keystring);
+  /* Since the filename exists in the filesystem, we can return a
+  non-tainted result. */
+  *result = string_copy_taint(keystring, FALSE);
   return OK;
   }
author	Jeremy Harris <jgh146exb@wizmail.org>	2020-03-22 00:55:59 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2020-03-22 09:49:46 +0000
commit	36b600bb776d082be8cdd15c18daed3c29cfda7f (patch)
tree	36b9fc80996507dc6d3bf7d6a8cdd959d635e728 /src
parent	a76d120aedbb1c19943db1227a14226ce6fdb679 (diff)