summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/doc-txt/ChangeLog2
-rw-r--r--src/src/exim.c19
2 files changed, 12 insertions, 9 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f9e39d2dc..f10e45cee 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -22,6 +22,8 @@ JH/04 Support CHUNKING from an smtp transport using a transport_filter, when
DKIM signing is being done. Previously a transport_filter would always
disable CHUNKING, falling back to traditional DATA.
+JH/05 Regard command-line receipients as tainted.
+
Exim version 4.93
-----------------
diff --git a/src/src/exim.c b/src/src/exim.c
index d6952ef2e..a30e35bca 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -4809,8 +4809,9 @@ if (verify_address_mode || f.address_test_mode)
{
while (recipients_arg < argc)
{
- uschar *s = argv[recipients_arg++];
- while (*s != 0)
+ /* Supplied addresses are tainted since they come from a user */
+ uschar * s = string_copy_taint(argv[recipients_arg++], TRUE);
+ while (*s)
{
BOOL finished = FALSE;
uschar *ss = parse_find_address_end(s, FALSE);
@@ -4818,16 +4819,16 @@ if (verify_address_mode || f.address_test_mode)
test_address(s, flags, &exit_value);
s = ss;
if (!finished)
- while (*(++s) != 0 && (*s == ',' || isspace(*s)));
+ while (*++s == ',' || isspace(*s)) ;
}
}
}
else for (;;)
{
- uschar *s = get_stdinput(NULL, NULL);
- if (s == NULL) break;
- test_address(s, flags, &exit_value);
+ uschar * s = get_stdinput(NULL, NULL);
+ if (!s) break;
+ test_address(string_copy_taint(s, TRUE), flags, &exit_value);
}
route_tidyup();
@@ -5321,13 +5322,13 @@ while (more)
raw_sender = string_copy(sender_address);
- /* Loop for each argument */
+ /* Loop for each argument (supplied by user hence tainted) */
for (int i = 0; i < count; i++)
{
int start, end, domain;
- uschar *errmess;
- uschar *s = list[i];
+ uschar * errmess;
+ uschar * s = string_copy_taint(list[i], TRUE);
/* Loop for each comma-separated address */