On 7/10/21 7:40 PM, Jeremy Harris via Exim-users wrote:
On 07/07/2021 21:44, Jeremy Harris via Exim-users wrote:
On 07/07/2021 16:17, Jeremy Harris via Exim-users wrote:
I'm failing to find in the code where that might happen,
unfortunately.
Found it. And, yes, that's a bug.
Should be an easy fix.
Thinking on it, this is a poster-child for taint-tracking.
The bug was there at initial feature-introduction in 2004.
Nobody noticed, for seventeen years.
And it was potentially exploitable, until taint-tracking
was introduced.
All right, thanks for info !
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
