From 87f15ee4412890d4e6e93a3aa6a37697dc0912e3 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Thu, 19 Aug 2021 11:23:08 +0100
Subject: Logging: specific error for tainted tag in debug filename

---
 src/src/log.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/src/log.c b/src/src/log.c
index 1b77f98fa..a7ef3d803 100644
--- a/src/src/log.c
+++ b/src/src/log.c
@@ -518,6 +518,10 @@ switch (type)
     Ustrcpy(debuglog_name, buffer);
     if (tag)
       {
+      if (is_tainted(tag))
+	die(US"exim: tainted tag for debug log filename",
+	      US"Logging failure; please try later");
+
       /* this won't change the offset of the datestamp */
       ok2 = string_format(buffer, sizeof(buffer), "%s%s",
         debuglog_name, tag);
@@ -558,9 +562,7 @@ if (!ok)
 
 /* We now have the file name. After a successful open, return. */
 
-*fd = log_open_as_exim(buffer);
-
-if (*fd >= 0)
+if ((*fd = log_open_as_exim(buffer)) >= 0)
   return;
 
 euid = geteuid();
-- 
cgit v1.2.1