diff options
author | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2020-11-21 22:41:28 +0100 |
---|---|---|
committer | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2021-04-28 00:40:30 +0200 |
commit | 1e9a340c05d7233969637095a8a6378b14de2976 (patch) | |
tree | 6a042c3ca69b136497587d8ebdb4b01f76d599f2 /src/src/store.h | |
parent | 2d9f1837bdd6c5946cb9cd997544eefc8cc14fc4 (diff) | |
download | exim4-1e9a340c05d7233969637095a8a6378b14de2976.tar.gz |
SECURITY: Fix safeguard against upward traversal in msglog files.
Credits: Qualys
3/ In src/deliver.c:
333 static int
334 open_msglog_file(uschar *filename, int mode, uschar **error)
335 {
336 if (Ustrstr(filename, US"/../"))
337 log_write(0, LOG_MAIN|LOG_PANIC,
338 "Attempt to open msglog file path with upward-traversal: '%s'\n", filename);
Should this be LOG_PANIC_DIE instead of LOG_PANIC? Right now it will log
the /../ attempt but will open the file anyway.
(cherry picked from commit 742c27f02d83792937dcb1719b380d3dde6228bf)
Diffstat (limited to 'src/src/store.h')
0 files changed, 0 insertions, 0 deletions