* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2009 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */
/* The idea for this code came from Matthew Byng-Maddick, but his original has
actually scanning through the list of files. */
static void *
-dsearch_open(uschar *dirname, uschar **errmsg)
+dsearch_open(const uschar * dirname, uschar ** errmsg)
{
-DIR *dp = opendir(CS dirname);
-if (dp == NULL)
+DIR * dp = exim_opendir(dirname);
+if (!dp)
{
int save_errno = errno;
*errmsg = string_open_failed(errno, "%s for directory search", dirname);
/* The handle will always be (void *)(-1), but don't try casting it to an
integer as this gives warnings on 64-bit systems. */
-BOOL
-static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners,
- gid_t *owngroups, uschar **errmsg)
+static BOOL
+dsearch_check(void * handle, const uschar * filename, int modemask,
+ uid_t * owners, gid_t * owngroups, uschar ** errmsg)
{
handle = handle;
-return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups,
- "dsearch", errmsg) == 0;
+if (*filename == '/')
+ return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups,
+ "dsearch", errmsg) == 0;
+*errmsg = string_sprintf("dirname '%s' for dsearch is not absolute", filename);
+return FALSE;
}
* Find entry point *
*************************************************/
+#define RET_FULL BIT(0)
+#define FILTER_TYPE BIT(1)
+#define FILTER_ALL BIT(1)
+#define FILTER_FILE BIT(2)
+#define FILTER_DIR BIT(3)
+#define FILTER_SUBDIR BIT(4)
+
/* See local README for interface description. We use lstat() instead of
scanning the directory, as it is hopefully faster to let the OS do the scanning
for us. */
-int
-static dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length,
- uschar **result, uschar **errmsg, BOOL *do_cache)
+static int
+dsearch_find(void * handle, const uschar * dirname, const uschar * keystring,
+ int length, uschar ** result, uschar ** errmsg, uint * do_cache,
+ const uschar * opts)
{
struct stat statbuf;
int save_errno;
-uschar filename[PATH_MAX];
+uschar * filename;
+unsigned flags = 0;
handle = handle; /* Keep picky compilers happy */
length = length;
return DEFER;
}
-if (!string_format(filename, sizeof(filename), "%s/%s", dirname, keystring))
+if (opts)
{
- *errmsg = US"path name too long";
- return DEFER;
+ int sep = ',';
+ uschar * ele;
+
+ while ((ele = string_nextinlist(&opts, &sep, NULL, 0)))
+ if (Ustrcmp(ele, "ret=full") == 0)
+ flags |= RET_FULL;
+ else if (Ustrncmp(ele, "filter=", 7) == 0)
+ {
+ ele += 7;
+ if (Ustrcmp(ele, "file") == 0)
+ flags |= FILTER_TYPE | FILTER_FILE;
+ else if (Ustrcmp(ele, "dir") == 0)
+ flags |= FILTER_TYPE | FILTER_DIR;
+ else if (Ustrcmp(ele, "subdir") == 0)
+ flags |= FILTER_TYPE | FILTER_SUBDIR; /* like dir but not "." or ".." */
+ }
}
-if (Ulstat(filename, &statbuf) >= 0)
+filename = string_sprintf("%s/%s", dirname, keystring);
+if ( Ulstat(filename, &statbuf) >= 0
+ && ( !(flags & FILTER_TYPE)
+ || (flags & FILTER_FILE && S_ISREG(statbuf.st_mode))
+ || ( flags & (FILTER_DIR | FILTER_SUBDIR)
+ && S_ISDIR(statbuf.st_mode)
+ && ( flags & FILTER_DIR
+ || keystring[0] != '.'
+ || keystring[1] != '.'
+ || keystring[1] && keystring[2]
+ ) ) ) )
{
- *result = string_copy(keystring);
+ /* Since the filename exists in the filesystem, we can return a
+ non-tainted result. */
+ *result = string_copy_taint(flags & RET_FULL ? filename : keystring, FALSE);
return OK;
}
projects / exim.git / blobdiff