amavisd-new & broken mysql
mail at tomsommer.dk
Thu Jun 13 10:51:43 CEST 2019
On 2019-06-13 10:17, pali at cpan.org wrote:
> For more then 2 years people complain about semi-broken support when
> amavisd-new use MySQL database as a storage via DBD::mysql driver.
> See e.g. this ticket:
> In past I tried to fix this problem in DBD::mysql, but due to
> compatibility with legacy DBD::mysql applications, fix had to be
To me, it seems better to fix the problem in Amavisd.
I think the problem is the usage of untaint() in SQL statements, like
$partition_tag, $msginfo->mail_id, $msginfo->secret_id,
$msginfo->log_id, int($msginfo->rx_time), $time_iso,
As far as I can see untaint() forces a string value, which fucks up the
In this example, $sid becomes a string, but the database-schema and
driver expects a BIGINT?
But I'm really no expert in Perl, so I'm not 100% sure.
More information about the amavis-users