os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

taint mode fixes

Browse source
This commit is contained in:
Wolfram Schneider 2006-11-30 20:36:31 +00:00
parent ef74ff8206
commit 2e48c6cb17
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/www/; revision=29150
1 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
en/cgi/mailindex.cgi
View file

@ -24,7 +24,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE. # SUCH DAMAGE.
# #
# $FreeBSD: www/en/cgi/mailindex.cgi,v 1.7 2005/10/31 15:25:05 fenner Exp $ # $FreeBSD: www/en/cgi/mailindex.cgi,v 1.8 2006/03/24 06:24:41 kuriyama Exp $
use CGI; use CGI;
@ -67,6 +67,13 @@ if (!$file) {
# forbid link to parent directories # forbid link to parent directories
$file =~ s%\.\./%%g; $file =~ s%\.\./%%g;
if ($file =~ m,^([0-9a-z/-]+)$,) {
$file = $1;
} else {
print "Unknown file name given\n";
exit;
}
sub file_not_exists { sub file_not_exists {
my $file = shift; my $file = shift;