perl-modperl-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From do...@apache.org
Subject cvs commit: modperl/File File.pm
Date Tue, 16 Apr 2002 02:39:31 GMT
dougm       02/04/15 19:39:31

  Modified:    File     File.pm
  Log:
  fix taint issue with bleedperl
  
  Revision  Changes    Path
  1.7       +1 -1      modperl/File/File.pm
  
  Index: File.pm
  ===================================================================
  RCS file: /home/cvs/modperl/File/File.pm,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- File.pm	2 Mar 2000 01:57:46 -0000	1.6
  +++ File.pm	16 Apr 2002 02:39:31 -0000	1.7
  @@ -12,7 +12,6 @@
   
   my $TMPNAM = 'aaaaaa';
   my $TMPDIR = $ENV{'TMPDIR'} || $ENV{'TEMP'} || '/tmp';
  -($TMPDIR) = $TMPDIR =~ /^([^<>|;*]+)$/; #untaint
   my $Mode = Fcntl::O_RDWR()|Fcntl::O_EXCL()|Fcntl::O_CREAT();
   my $Perms = 0600;
    
  @@ -22,6 +21,7 @@
       my $r = Apache->request;
       while($limit--) {
           my $tmpfile = "$TMPDIR/${$}" . $TMPNAM++;
  +        ($tmpfile) = $tmpfile =~ /^([^<>|;*]+)$/; #untaint
           my $fh = $class->new;
   	sysopen($fh, $tmpfile, $Mode, $Perms);
   	$r->register_cleanup(sub { unlink $tmpfile }) if $r;
  
  
  

Mime
View raw message