- If the regexp doesn't match, $1 (from some previous match) is returned anyway with no warning.
- The empty string ("") is a safe path but does not match the regexp.
- The tilde character ("~") is rejected although it is legal and safe when not in the first non-whitespace position. On Windows, it can appear in an 8.3-format shortened path.
Here is a first cut at a patch.
Barry
--- snip ---
*** Util.pm 2003/04/04 13:19:45 1.1.1.1 --- Util.pm 2003/04/04 17:26:37 *************** *** 107,115 **** # sub untaint_file_path { my ($path) = @_; ! return unless defined($path); ! $path =~ /^([-_A-Za-z\xA0-\xFF [EMAIL PROTECTED],\/\\\:]+)$/; ! return $1; }
########################################################################### --- 107,122 ---- # sub untaint_file_path { my ($path) = @_; ! my $chars = '[EMAIL PROTECTED],\/\\\:'; ! my $re = qr/^(\s*[$chars][${chars}~ ]*)$/o; ! ! return "" if (!defined($path) || $path eq ""); ! if ($path =~ $re) { ! return $1; ! } else { ! warn "Cannot untaint path: \"$path\"\n"; ! return $path; ! } }
###########################################################################
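Review bot: on a failed match the new code warns and then returns the still-tainted `$path`, so a caller that trusts the result of an untaint routine only finds out when a later file operation dies under -T, far from this warning; return `undef` (and have callers test definedness) or `die` here so the failure surfaces where it is diagnosed. The `warn` should also strip control characters from `$path` before printing it, since the rejected value is untrusted and a newline in it forges an extra log line. Two smaller points: `return "" if (!defined($path) || ...)` turns the undef case into "", which callers checking `defined` no longer detect, and the leading `\s*` in the capture admits tabs and newlines that the old class (which only contained a literal space) rejected.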
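The three failure modes listed at the top of the message can be reproduced in a few lines. The script below is an added example, not code from SpamAssassin or from this thread: it contrasts a routine shaped like the pre-patch untaint (match result never checked) with a version that only returns a value when its own match succeeded, and it uses the standard trick of concatenating an empty slice of a tainted `%ENV` value to make constructed test strings tainted. The character class `$SAFE` is an assumption, since the page's copy of the real one is partly redacted; `untaint_buggy`, `untaint_fixed` and `_printable` are names chosen for the demo.

```perl
#!/usr/bin/perl -T
# Run as:  perl -T untaint_demo.pl   (taint mode must be enabled from the start)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Assumed character class for the demo; the real one on the page is partly
# redacted. Inside a class these are all literals except the ranges and the
# escaped backslash (written as '\\\\' in single quotes => \\ in the regex).
my $SAFE = '-_A-Za-z0-9\xA0-\xFF @.=+,/\\\\:';

# Shape of the pre-patch routine: the match result is never tested, so when
# the match fails $1 from an earlier successful match in the caller's dynamic
# scope is returned, silently and already untainted.
sub untaint_buggy {
    my ($path) = @_;
    return unless defined($path);
    $path =~ /^([$SAFE]+)$/;
    return $1;
}

# Hardened version: return a value only when *this* match succeeded, treat
# "" as safe, and allow "~" anywhere except the first non-blank position
# (e.g. a Windows 8.3 name such as PROGRA~1).
sub untaint_fixed {
    my ($path) = @_;
    return undef unless defined $path;
    return "" if $path eq "";
    if ($path =~ /^( *[$SAFE][$SAFE~ ]*)$/) {
        return $1;
    }
    warn "Cannot untaint path: " . _printable($path) . "\n";
    return undef;
}

# Replace control characters before logging attacker-controlled data so a
# crafted path cannot forge extra log lines.
sub _printable {
    my ($s) = @_;
    $s =~ s/[^\x20-\x7E]/?/g;
    return $s;
}

# --- demo with constructed inputs ---
# Everything in %ENV is tainted under -T; an empty substring of it is still
# tainted, so concatenating it taints a literal without changing its value.
my $taint = substr($ENV{PATH} // '', 0, 0);
my $good  = "/var/spool/mail/user" . $taint;
my $bad   = "/tmp/x; rm -rf /"     . $taint;   # ';' is not in the class
my $tilde = "C:\\PROGRA~1\\spam"   . $taint;   # 8.3 short name on Windows

# Prime $1 with an unrelated successful match in this scope.
"/etc/passwd" =~ /^(.*)$/;

my $r = untaint_buggy($bad);
printf "buggy(bad)   -> %s (tainted=%d)\n",
    defined $r ? $r : 'undef', tainted($r) ? 1 : 0;
# The stale capture "/etc/passwd" comes back, already untainted: the
# dangerous input was rejected by the regex but the caller never learns it.

for my $p ($good, $bad, $tilde, "", "~user") {
    my $u = untaint_fixed($p);
    printf "fixed(%-22s) -> %s\n", "'$p'",
        defined $u ? "'$u' tainted=" . (tainted($u) ? 1 : 0) : 'undef';
}
```

`untaint_fixed` returns `undef` for `$bad` and for `"~user"` (first non-blank character is `~`), the empty string for `""`, and the untainted value for `$good` and the 8.3-style `$tilde` path; the `warn` output on stderr is what a caller would see instead of a silent wrong path.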
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk