[prev in list] [next in list] [prev in thread] [next in thread]
List: exim-users
Subject: Re: [exim] Exim 4.93 published.
From: Jeremy Harris via Exim-users <exim-users () exim ! org>
Date: 2019-12-11 21:55:17
Message-ID: 4992f69c-49b7-df09-dce9-facf5e82a0c1 () wizmail ! org
[Download RAW message or body]
On 11/12/2019 14:31, Lena--- via Exim-users wrote:
> uschar *dir = expand_string(US "$spool_directory/grey");
> size_t dir_len = strlen(dir);
> uschar *filename = US store_get(dir_len+257, FALSE);
If your intended use of the rest of the allocated store is safe, yes.
"Safe" means "no content provided by a potential attacker".
Otherwise use "TRUE" (but you'd be foolish to go on and use
that for a filename).
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic