Fix DKIM verify when used with CHUNKING. Bug 2016

[exim.git] / src / src / exim_dbmbuild.c

diff --git a/src/src/exim_dbmbuild.c b/src/src/exim_dbmbuild.c
index d9f3bfc6aad946b0b5c4d3efef79c8d2eec85b9e..85ae9012bc73ff1968be99b82843b02b30529d25 100644 (file)
--- a/src/src/exim_dbmbuild.c
+++ b/src/src/exim_dbmbuild.c
@@ -1,10 +1,8 @@
-/* $Cambridge: exim/src/src/exim_dbmbuild.c,v 1.4 2005/06/27 14:29:43 ph10 Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 
@@ -39,7 +37,7 @@ characters. */
 /* This is global because it's defined in the headers and compilers grumble
 if it is made static. */
 
-uschar *hex_digits = US"0123456789abcdef";
+const uschar *hex_digits = CUS"0123456789abcdef";
 
 
 #ifdef STRERROR_FROM_ERRLIST
@@ -90,10 +88,10 @@ Returns:   the value of the character escape
 */
 
 int
-string_interpret_escape(uschar **pp)
+string_interpret_escape(const uschar **pp)
 {
 int ch;
-uschar *p = *pp;
+const uschar *p = *pp;
 ch = *(++p);
 if (isdigit(ch) && ch != '8' && ch != '9')
   {
@@ -151,8 +149,8 @@ EXIM_DB *d;
 EXIM_DATUM key, content;
 uschar *bptr;
 uschar  keybuffer[256];
-uschar  temp_dbmname[256];
-uschar  real_dbmname[256];
+uschar  temp_dbmname[512];
+uschar  real_dbmname[512];
 uschar *buffer = malloc(max_outsize);
 uschar *line = malloc(max_insize);
 
@@ -195,6 +193,15 @@ if (Ustrcmp(argv[arg], argv[arg+1]) == 0)
   }
 #endif
 
+/* Check length of filename; allow for adding .dbmbuild_temp and .db or
+.dir/.pag later. */
+
+if (strlen(argv[arg+1]) > sizeof(temp_dbmname) - 20)
+  {
+  printf("exim_dbmbuild: output filename is ridiculously long\n");
+  exit(1);
+  }
+
 Ustrcpy(temp_dbmname, argv[arg+1]);
 Ustrcat(temp_dbmname, ".dbmbuild_temp");
 
@@ -234,7 +241,8 @@ while (Ufgets(line, max_insize, f) != NULL)
   if (len >= max_insize - 1 && p[-1] != '\n')
     {
     printf("Overlong line read: max permitted length is %d\n", max_insize - 1);
-    return 1;
+    yield = 2;
+    goto TIDYUP;
     }
 
   if (line[0] == '#') continue;
@@ -260,7 +268,8 @@ while (Ufgets(line, max_insize, f) != NULL)
       {
       printf("Continued set of lines is too long: max permitted length is %d\n",
         max_outsize -1);
-      return 1;
+      yield = 2;
+      goto TIDYUP;
       }
 
     Ustrcpy(bptr, s);
@@ -320,7 +329,7 @@ while (Ufgets(line, max_insize, f) != NULL)
       keystart = t;
       while (*s != 0 && *s != '\"')
         {
-        if (*s == '\\') *t++ = string_interpret_escape(&s);
+        if (*s == '\\') *t++ = string_interpret_escape((const uschar **)&s);
           else *t++ = *s;
         s++;
         }
@@ -469,9 +478,11 @@ if (yield == 0 || yield == 1)
 else
   {
   printf("dbmbuild abandoned\n");
-  #if defined(USE_DB) || defined(USE_TDB) || defined(USE_GDBM)
+#if defined(USE_DB) || defined(USE_TDB) || defined(USE_GDBM)
+  /* We created it, so safe to delete despite the name coming from outside */
+  /* coverity[tainted_string] */
   Uunlink(temp_dbmname);
-  #else
+#else
   if (is_db)
     {
     sprintf(CS real_dbmname, "%s.db", temp_dbmname);
@@ -484,7 +495,7 @@ else
     sprintf(CS real_dbmname, "%s.pag", temp_dbmname);
     Uunlink(real_dbmname);
     }
-  #endif /* USE_DB || USE_TDB */
+#endif /* USE_DB || USE_TDB */
   }
 
 return yield;