/* We start with just the local part for pipe, file, and reply deliveries, and
for successful local deliveries from routers that have the log_as_local flag
set. File deliveries from filters can be specified as non-absolute paths in
-cases where the transport is goin to complete the path. If there is an error
+cases where the transport is going to complete the path. If there is an error
before this happens (expansion failure) the local part will not be updated, and
so won't necessarily look like a path. Add extra text for this case. */
)
)
)
- log_write(0, LOG_MAIN|LOG_PANIC, "Failed writing transport results to pipe: %s\n",
+ log_write(0, LOG_MAIN|LOG_PANIC, "Failed writing transport results to pipe: %s",
ret == -1 ? strerror(errno) : "short write");
/* Now any messages */
if( (ret = write(pfd[pipe_write], &message_length, sizeof(int))) != sizeof(int)
|| message_length > 0 && (ret = write(pfd[pipe_write], s, message_length)) != message_length
)
- log_write(0, LOG_MAIN|LOG_PANIC, "Failed writing transport results to pipe: %s\n",
+ log_write(0, LOG_MAIN|LOG_PANIC, "Failed writing transport results to pipe: %s",
ret == -1 ? strerror(errno) : "short write");
}
}
for (addr2 = addr; addr2; addr2 = addr2->next)
{
- len = read(pfd[pipe_read], &status, sizeof(int));
- if (len > 0)
+ if ((len = read(pfd[pipe_read], &status, sizeof(int))) > 0)
{
int i;
uschar **sptr;
if (testflag(addr2, af_file))
{
- int local_part_length;
- len = read(pfd[pipe_read], &local_part_length, sizeof(int));
- len = read(pfd[pipe_read], big_buffer, local_part_length);
- big_buffer[local_part_length] = 0;
+ int llen;
+ if ( read(pfd[pipe_read], &llen, sizeof(int)) != sizeof(int)
+ || llen > 64*4 /* limit from rfc 5821, times I18N factor */
+ )
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "bad local_part length read"
+ " from delivery subprocess");
+ break;
+ }
+ /* sanity-checked llen so disable the Coverity error */
+ /* coverity[tainted_data] */
+ if (read(pfd[pipe_read], big_buffer, llen) != llen)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "bad local_part read"
+ " from delivery subprocess");
+ break;
+ }
+ big_buffer[llen] = 0;
addr2->local_part = string_copy(big_buffer);
}
{
#ifdef SUPPORT_SOCKS
case '2': /* proxy information; must arrive before A0 and applies to that addr XXX oops*/
- proxy_session = TRUE; /*XXX shouod this be cleared somewhere? */
+ proxy_session = TRUE; /*XXX should this be cleared somewhere? */
if (*ptr == 0)
ptr++;
else
) )
&& ( !multi_domain
|| ( (
- !tp->expand_multi_domain || (deliver_set_expansions(next), 1),
+ (void)(!tp->expand_multi_domain || ((void)deliver_set_expansions(next), 1)),
exp_bool(addr,
US"transport", next->transport->name, D_transport,
US"multi_domain", next->transport->multi_domain,
}
/* Now fork a subprocess to do the remote delivery, but before doing so,
- ensure that any cached resourses are released so as not to interfere with
+ ensure that any cached resources are released so as not to interfere with
what happens in the subprocess. */
search_tidyup();
"journal file\n", big_buffer);
}
rewind(jread);
- journal_fd = fileno(jread);
+ if ((journal_fd = dup(fileno(jread))) < 0)
+ journal_fd = fileno(jread);
+ else
+ (void) fclose(jread); /* Try to not leak the FILE resource */
+
/* Panic-dies on error */
(void)spool_write_header(message_id, SW_DELIVERING, NULL);
}
/* Otherwise, handle the sending of a message. Find the error address for
the first address, then send a message that includes all failed addresses
that have the same error address. Note the bounce_recipient is a global so
- that it can be accesssed by $bounce_recipient while creating a customized
+ that it can be accessed by $bounce_recipient while creating a customized
error message. */
else
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to unlink %s: %s", fname,
strerror(errno));
- /* Move the message off the spool if reqested */
+ /* Move the message off the spool if requested */
#ifdef SUPPORT_MOVE_FROZEN_MESSAGES
if (deliver_freeze && move_frozen_messages)
projects / exim.git / blobdiff