whimsical-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject [whimsy] branch master updated: Try untainting whole param
Date Fri, 17 Jan 2020 18:32:46 GMT
This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 785aeeb  Try untainting whole param
785aeeb is described below

commit 785aeeb40b4bb242c9d2314b727e620c8139081a
Author: Sebb <sebb@apache.org>
AuthorDate: Fri Jan 17 18:32:38 2020 +0000

    Try untainting whole param
---
 lib/whimsy/asf/ldap.rb                              | 5 +++++
 www/secretary/workbench/views/actions/icla2.json.rb | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/whimsy/asf/ldap.rb b/lib/whimsy/asf/ldap.rb
index f0e4969..0955617 100644
--- a/lib/whimsy/asf/ldap.rb
+++ b/lib/whimsy/asf/ldap.rb
@@ -361,6 +361,11 @@ module ASF
       object.instance_variable_set(attr, WeakRef.new(value))
     end
 
+if object == self
+    puts "Save #{attr} #{object}"
+else
+  puts "Nosave #{attr} #{object}"
+end 
     # keep track of which weak references are saved
     @@weakrefs << attr if object == self
   end
diff --git a/www/secretary/workbench/views/actions/icla2.json.rb b/www/secretary/workbench/views/actions/icla2.json.rb
index 30b3280..1d0a006 100644
--- a/www/secretary/workbench/views/actions/icla2.json.rb
+++ b/www/secretary/workbench/views/actions/icla2.json.rb
@@ -69,7 +69,7 @@ end
 #   - calling .max on an empty array returns nil.  Treat it as one as there
 #     is an existing document that will be moved into this directory.
 #   - If all else fails, set count to "N"
-count = (Array(ASF::SVN.list(ASF::SVN.svnurl('iclas') + '/' + @filename.untaint)).
+count = (Array(ASF::SVN.list((ASF::SVN.svnurl('iclas') + '/' + @filename).untaint)).
       first.to_s.split.
       map {|name| name[/.*(\d+)\./, 1] || 1}.
       map(&:to_i).max || 1) + 1 rescue 'N'


Mime
View raw message