diff options
author | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-05-10 18:54:37 +0000 |
---|---|---|
committer | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-05-10 18:54:37 +0000 |
commit | b15f37e9e9e617e049207eca04652a8794e9b1de (patch) | |
tree | 73a18792a9adbd92f834ad6c18af5442fb3c897f /doc/bugs | |
parent | 7e09aa1134d7adb1e6c7c91b34b4d620ebeef5c4 (diff) |
response
Diffstat (limited to 'doc/bugs')
-rw-r--r-- | doc/bugs/Insecure_dependency_in_eval_while_running_with_-T_switch.mdwn | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/doc/bugs/Insecure_dependency_in_eval_while_running_with_-T_switch.mdwn b/doc/bugs/Insecure_dependency_in_eval_while_running_with_-T_switch.mdwn index bed5691f3..befda2a93 100644 --- a/doc/bugs/Insecure_dependency_in_eval_while_running_with_-T_switch.mdwn +++ b/doc/bugs/Insecure_dependency_in_eval_while_running_with_-T_switch.mdwn @@ -67,4 +67,20 @@ because `patch` command fails: Could you please fix that patch? I guess how to do it, but I don't want to break the code I distribute in my backport ;) --- Pawel
\ No newline at end of file +-- Pawel + +> It's not my patch.. IIRC my suggestion was simply to do this: --[Joey]] + + Index: IkiWiki.pm + =================================================================== + --- IkiWiki.pm (revision 3565) + +++ IkiWiki.pm (working copy) + @@ -1005,7 +1005,7 @@ + unshift @params, "location"; + } + + - my $ret=eval pagespec_translate($spec); + + my $ret=eval possibly_foolish_untaint(pagespec_translate($spec)); + return IkiWiki::FailReason->new("syntax error") if $@; + return $ret; + } #}}} |