From 7d99cba1d36af854760c35100b29f0331f619fca Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 11 Jan 2020 21:49:10 +0000 Subject: redirect router: taint-enforce filenames --- test/confs/0153 | 2 +- test/confs/0251 | 2 +- test/confs/0306 | 2 +- test/confs/0307 | 2 +- test/confs/0452 | 2 +- test/confs/0586 | 17 +++++++++++++++++ test/scripts/0000-Basic/0586 | 4 ++++ test/stdout/0586 | 2 ++ 8 files changed, 28 insertions(+), 5 deletions(-) create mode 100644 test/confs/0586 create mode 100644 test/scripts/0000-Basic/0586 create mode 100644 test/stdout/0586 (limited to 'test') diff --git a/test/confs/0153 b/test/confs/0153 index 69e02ebcf..d70a38e7b 100644 --- a/test/confs/0153 +++ b/test/confs/0153 @@ -23,7 +23,7 @@ list: driver = redirect domains = list.test.ex file = ${if exists{DIR/aux-fixed/TESTNUM.list.${bless:$local_part}} \ - {DIR/aux-fixed/TESTNUM.list.$local_part}fail} + {DIR/aux-fixed/TESTNUM.list.${bless:$local_part}}fail} no_more real: diff --git a/test/confs/0251 b/test/confs/0251 index 180620f11..ea6b78f5e 100644 --- a/test/confs/0251 +++ b/test/confs/0251 @@ -32,7 +32,7 @@ exeter_listr: no_check_local_user domains = listr.test.ex errors_to = ${local_part}-request@test.ex - file = DIR/aux-fixed/TESTNUM.list.${local_part} + file = DIR/aux-fixed/TESTNUM.list.${bless:$local_part} forbid_file forbid_pipe one_time diff --git a/test/confs/0306 b/test/confs/0306 index c8bd1f362..779e155fc 100644 --- a/test/confs/0306 +++ b/test/confs/0306 @@ -27,7 +27,7 @@ r1: driver = redirect domains = lists.test.ex local_part_suffix = -request - file = DIR/aux-fixed/TESTNUM/${bless:$local_part}$local_part_suffix + file = DIR/aux-fixed/TESTNUM/${bless:$local_part$local_part_suffix} r2: driver = redirect diff --git a/test/confs/0307 b/test/confs/0307 index c2019893a..1f61ca3cb 100644 --- a/test/confs/0307 +++ b/test/confs/0307 @@ -24,7 +24,7 @@ r1: ${if exists {DIR/aux-fixed/TESTNUM/$local_part}\ {lsearch;DIR/aux-fixed/TESTNUM/$local_part}{*}}\ }} - file = DIR/aux-fixed/TESTNUM/${bless:$local_part}$local_part_suffix + file = DIR/aux-fixed/TESTNUM/${bless:$local_part$local_part_suffix} forbid_pipe forbid_file one_time diff --git a/test/confs/0452 b/test/confs/0452 index 3608eeed2..7ae6a2ad0 100644 --- a/test/confs/0452 +++ b/test/confs/0452 @@ -17,7 +17,7 @@ begin routers r1: driver = redirect allow_filter - file = DIR/aux-fixed/TESTNUM.filter-$h_fno: + file = DIR/aux-fixed/TESTNUM.${bless:filter-$h_fno:} reply_transport = t2 user = CALLER diff --git a/test/confs/0586 b/test/confs/0586 new file mode 100644 index 000000000..1b2d83571 --- /dev/null +++ b/test/confs/0586 @@ -0,0 +1,17 @@ +# Exim test configuration 0586 + +.include DIR/aux-var/std_conf_prefix + + +# ----- Main settings ----- + + +# ----- Routers ----- + +begin routers + +list: + driver = redirect + file = DIR/aux-fixed/TESTNUM.list.$local_part + +# End diff --git a/test/scripts/0000-Basic/0586 b/test/scripts/0000-Basic/0586 new file mode 100644 index 000000000..0e48328ce --- /dev/null +++ b/test/scripts/0000-Basic/0586 @@ -0,0 +1,4 @@ +# tainted data for filter filename +1 +exim -bv abcd@test.ex +**** diff --git a/test/stdout/0586 b/test/stdout/0586 new file mode 100644 index 000000000..0fe061759 --- /dev/null +++ b/test/stdout/0586 @@ -0,0 +1,2 @@ +abcd@test.ex cannot be resolved at this time: Tainted name 'TESTSUITE/aux-fixed/0586.list.abcd' for file read not permitted + -- cgit v1.2.3