Marc Haber via Exim-users <exim-users@exim.org> (Wed 03 Jul 2019 18:17:24 CEST):
> On Sun, 23 Jun 2019 20:02:33 +0100, Jeremy Harris via Exim-users
> <exim-users@exim.org> wrote:
> >  deny  local_parts = \N ^.*$ : ^.*\\x24 : ^.*\\0?44 \N
> >        message = no mate
>
> This might be a really stupid question, but what exactly does that do?
>
> ^.*$ blocks local_parts containing a $
> ^.\\x24 does the same?
> but I'm stymied about the \\0.44 notation, what's that?

From my POV ^.*$ matches *any* local_part, as $ is the string's end anchor,
isn't it?
But I can't imagine that such a mistake happens to Jeremy, so I assume I'm
missing the point here.

\\x24 should match the literal \x24, which may be used to encode the
dollar sign for the unintended local_part expansion in the vulnerable
code.

\\044 and \\44 may encode the dollar sign in base 8 notation, with and
w/o the leading zero. Both are collapsed into \\0?44.

But I may be totally wrong here.

--
Heiko


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
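
Added example, not part of the original messages or of Exim's own code: the three list items from the quoted ACL run against constructed local parts, to show which item matches which input. It assumes the text between the \N markers reaches the regex engine unchanged, and uses Python's re module as a stand-in for Exim's PCRE; the helper names are hypothetical.

```python
import re

# The three list items as written in the quoted ACL. Assumption: the text
# between the \N markers is handed to the regex engine unchanged.
ACL_ITEMS = [r"^.*$", r"^.*\\x24", r"^.*\\0?44"]

# Constructed local parts (not taken from the thread).
SAMPLES = [
    "alice",      # ordinary local part
    "a$b",        # literal dollar sign
    r"a\x24b",    # dollar sign written as a hex escape
    r"a\044b",    # octal escape with the leading zero
    r"a\44b",     # octal escape without the leading zero
    "ax24b",      # no backslash, so not an escape sequence
]


def matching_items(local_part, items=ACL_ITEMS):
    """Return every list item whose regex matches local_part."""
    return [p for p in items if re.search(p, local_part)]


def report(samples=SAMPLES, items=ACL_ITEMS):
    """Map each sample local part to the items that match it."""
    return {s: matching_items(s, items) for s in samples}


if __name__ == "__main__":
    print("All three items:")
    for local_part, hits in report().items():
        print(f"  {local_part!r:12} -> {hits}")
    # Without the first item, only the backslash-escaped forms match.
    print("Second and third items only:")
    for local_part, hits in report(items=ACL_ITEMS[1:]).items():
        print(f"  {local_part!r:12} -> {hits}")
```

Under these assumptions the first item matches every sample, while the second and third match only inputs that contain a literal backslash followed by x24, 044 or 44.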
