projects / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
taint enforce: file access backstops
[exim.git] / src / src / malware.c
diff --git a/src/src/malware.c b/src/src/malware.c
index ef27daf377b2d336ef354979dae2e62f23138dfa..ec2f7c1cfc7681eac5e9a1d34acbb15895bde805 100644 (file)
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -791,7 +791,7 @@ if (!malware_ok)
       if (*scanner_options != '/')
        {
        /* calc file size */
-       if ((drweb_fd = open(CCS eml_filename, O_RDONLY)) == -1)
+       if ((drweb_fd = exim_open(CCS eml_filename, O_RDONLY)) == -1)
          return m_panic_defer_3(scanent, NULL,
            string_sprintf("can't open spool file %s: %s",
              eml_filename, strerror(errno)),
@@ -1362,13 +1362,10 @@ badseek:  err = errno;
        malware_name = US"unknown";
 
        /* re-open the scanner output file, look for name match */
-       scanner_record = fopen(CS file_name, "rb");
-       while (fgets(CS linebuffer, sizeof(linebuffer), scanner_record))
-         {
-         /* try match */
-         if ((s = m_pcre_exec(cmdline_regex_re, linebuffer)))
+       scanner_record = Ufopen(file_name, "rb");
+       while (Ufgets(linebuffer, sizeof(linebuffer), scanner_record))
+         if ((s = m_pcre_exec(cmdline_regex_re, linebuffer))) /* try match */
            malware_name = s;
-         }
        (void)fclose(scanner_record);
        }
       else /* no virus found */
@@ -1638,7 +1635,7 @@ badseek:  err = errno;
              malware_daemon_ctx.sock);
 
        /* calc file size */
-       if ((clam_fd = open(CS eml_filename, O_RDONLY)) < 0)
+       if ((clam_fd = exim_open2(CS eml_filename, O_RDONLY)) < 0)
          {
          int err = errno;
          return m_panic_defer_3(scanent, NULL,
Unnamed repository; edit this file 'description' to name the repository.