summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--IkiWiki/Plugin/remove.pm7
1 files changed, 6 insertions, 1 deletions
diff --git a/IkiWiki/Plugin/remove.pm b/IkiWiki/Plugin/remove.pm
index badcfe667..e56a4a99c 100644
--- a/IkiWiki/Plugin/remove.pm
+++ b/IkiWiki/Plugin/remove.pm
@@ -135,7 +135,12 @@ sub sessioncgi ($$) { #{{{
elsif (! -f "$config{srcdir}/$file") {
error(sprintf(gettext("%s is not a file"), $file));
}
- push @files, $file;
+
+ # This untaint is safe because we've
+ # verified the file is a known source file,
+ # and is in the srcdir, and is a regular
+ # file.
+ push @files, possibly_foolish_untaint($file);
}
# Do removal, and update the wiki.