On 12/06/2021 20:56, Andrew C Aitchison via Exim-dev wrote:
On Sat, 12 Jun 2021, Jasen Betts via Exim-dev wrote:
I'm wanting to be able to use expansion variables in the servers=
parameter of query-style lookups.

This immediately sounds dangerous.

[suggested code change]

This seems to work for simple variables which is enough for me.  Full
brace expansion does not work (I think the parser gets confused).

As I understand it this is not going to cause a memory leak.

A few lines down from this, serverlist is checked to be taint-free, so
this feels safe to me.

Isn't the idea to check a string is taint-free *before* expanding it?

Precisely.  Consider what an attacker might present you with to get
expanded, and the extensive facilities that Exim expansion offers.
--
Cheers,
  Jeremy
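
The ordering point made in this thread, as an added example that is not part of the original messages and is not Exim code: a toy expander in C showing that a taint check placed after expansion refuses the string only once the expansion's side effects have already happened. The `tstr` type, the `$dbhost` variable, the `${effect}` item and the `db1.example` value are all hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, not Exim code: a string that carries a taint flag. */
typedef struct { const char *s; int tainted; } tstr;

static int side_effects; /* times the side-effecting item was evaluated */

/* Toy expander (hypothetical syntax): "$dbhost" becomes a trusted config
   value; "${effect}" stands in for any expansion item that does work on
   the host. Returns the taint of the result, inherited from the template. */
static int expand(tstr in, char *out, size_t n) {
    size_t o = 0;
    const char *p = in.s;
    while (*p && o + 1 < n) {
        if (strncmp(p, "${effect}", 9) == 0) { side_effects++; p += 9; }
        else if (strncmp(p, "$dbhost", 7) == 0) {
            o += (size_t)snprintf(out + o, n - o, "db1.example");
            if (o >= n) o = n - 1;      /* value was truncated to fit */
            p += 7;
        } else out[o++] = *p++;
    }
    out[o] = '\0';
    return in.tainted;
}

/* Order questioned in the thread: expand, then look at taint. */
static int expand_then_check(tstr in, char *out, size_t n) {
    return expand(in, out, n) ? -1 : 0; /* refusal comes too late */
}

/* Taint checked before expansion: tainted input never reaches expand(). */
static int check_then_expand(tstr in, char *out, size_t n) {
    if (in.tainted) { out[0] = '\0'; return -1; }
    return expand(in, out, n) ? -1 : 0;
}

int main(void) {
    char buf[64];
    tstr hostile = { "${effect}$dbhost", 1 }; /* constructed tainted input */
    int r = expand_then_check(hostile, buf, sizeof buf);
    printf("late check:  rc=%d side_effects=%d\n", r, side_effects);
    side_effects = 0;
    r = check_then_expand(hostile, buf, sizeof buf);
    printf("early check: rc=%d side_effects=%d\n", r, side_effects);
    return 0;
}
```

Both orderings return the same refusal code for the tainted input, so the difference only shows up in the side-effect counter.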
