diff options
author | Joey Hess <joey@kodama.kitenet.net> | 2008-07-21 16:20:02 -0400 |
---|---|---|
committer | Joey Hess <joey@kodama.kitenet.net> | 2008-07-21 16:20:02 -0400 |
commit | b182f5e573ce69635690a09149f9d09654b9e067 (patch) | |
tree | de45b64b75cf14745d35fb8ebb4d07f76e2be6a7 /IkiWiki | |
parent | 2461ce0de6231bfeea4d98c86806cdbb85683297 (diff) |
need to untaint..
Diffstat (limited to 'IkiWiki')
-rw-r--r-- | IkiWiki/Plugin/remove.pm | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/IkiWiki/Plugin/remove.pm b/IkiWiki/Plugin/remove.pm index badcfe667..e56a4a99c 100644 --- a/IkiWiki/Plugin/remove.pm +++ b/IkiWiki/Plugin/remove.pm @@ -135,7 +135,12 @@ sub sessioncgi ($$) { #{{{ elsif (! -f "$config{srcdir}/$file") { error(sprintf(gettext("%s is not a file"), $file)); } - push @files, $file; + + # This untaint is safe because we've + # verified the file is a known source file, + # and is in the srcdir, and is a regular + # file. + push @files, possibly_foolish_untaint($file); } # Do removal, and update the wiki. |